General Guidelines
Step1
Install licensed software only on all computers connected to the network. Pirated software is vulnerable to security threats. Download patches as and when the vendors release them.
Step2
Secure all hosts by installing anti-virus, anti-spyware, anti-phishing and anti-spam programs and a firewall on each machine. Make sure to use latest versions of these tools. Install patches and new releases as soon as they are released.
Step3
Create unique user accounts for all users so anybody working on a computer is required to enter his or her username and password before getting access to the network.
Step4
Maintain logs of user activity. This is especially important when the network is connected to the Internet. Several tools allow you to manage logs.
Step5
Take regular backups of data on all computers.
Step6
Shut down all hosts and networking devices if you are traveling or will not be using the network for extended periods.
Specific Guidelines for Securing a Home Network With Internet Access
Step1
Change the default login information soon after setting up and configuring the Internet connection.
Step2
Avoid remote administration of the network or any of its hosts.
Step3
Ensure that the network is protected by a firewall. You can also use the Windows firewall which is included with all licensed Windows operating systems. Other firewalls can also be deployed.
Step4
Use a router to connect a network to the Internet. All routers come with some form of firewall automatically providing a layer of security to the network. Additionally, routers are a good means of sharing one Internet connection among multiple hosts. Routers support several other features beneficial for a network, wired as well as wireless. Routers used in wired networks are different from those used in wireless networks.
Step5
Feed MAC addresses, unique identifiers of networking devices, into the router and access points so they can identify invalid hosts from those forming the network.
Step6
Disable mobile coding that uses ActiveX, Java and JavaScript especially from sites you do not trust. This restricts outsiders from running malicious code on your PCs.
Step7
Disable SSID broadcast if the network is wireless. Generally, routers and access points regularly and automatically broadcast the SSID making it useful in mobile hotspots where consumers come, use the service and move on. Disabling the SSID, particularly in home offices hides the network from prying eyes though it can still be detected by other means.
Step8
Change the SSID, network name of the router and access points, immediately after setting up the network. The default SSID for ease of configuration is a simple name, which the hackers can easily determine.
Step9
Avoid using dynamic IP addresses. Their ease of use also makes them an easy target. Instead, use static IP addresses for network hosts.
Step10
Use devices that support at least WPE for a wireless network. WPE is a data security protocol especially designed for wireless networks. WPA and WPA2 provide enhanced security. Same levels of data security can be maintained by using equipment conforming to the same security protocol.
Step11
Minimize leakage of wireless signal by placing router and access points in the center of your home. Setting up these devices in a balcony or near a window/door sends the signal outside, where it can be easily used by other appropriately configured devices.
