envelope

Get more Attorney at Work!

Sign up for our free newsletter.

x

All fields are required. By signing up, you are opting in to Attorney at Work's free practice tips newsletter and occasional emails with news and offers. By using this service, you indicate that you agree to our Terms and Conditions and have read and understand our Privacy Policy.
share TWEET PIN IT SHARE share share 0

Technology

Wireless: Be Safe at Home

By Sheila Blackford

In her previous post Wireless: Hot Spot Safety Tips, Sheila Blackford explained how to connect safely from a café, airport or other public place. Here’s her advice on the precautions you need to take at home as well.

The router you get to run your wireless network at home comes with default settings to make it easy to install and use. But they make it easy to attack your network, too. The fact is that the hackers out there know the default settings for every router—and they’re just waiting for you to give them access to yours.

The problem isn’t limited to just high-tech maldoers, either. In a recent national survey commissioned by the Wi-Fi Alliance, 32 percent of respondents admitted to “borrowing” a neighbor’s unencrypted Wi-Fi connection. While you might not think of your neighbors as a threat to your security, you still want to be very cautious. Much more than your privacy could be at stake—particularly if you work on client files from home.

There are four especially vulnerable security holes to plug in your home network.

1. Network Administrative Username and Password. Change these two defaults and make sure you select a strong password. How to remember it? Choose a phrase that is meaningful to you such as “Oregon Attorney October 4, 2000!” which can become the passphrase:  “Oa100400!” Follow the current password guidelines:

  • Make it at least 8 but preferably 12 characters long.
  • Use a mix of uppercase and lowercase letters and symbols.
  • Change it every six to eight weeks.

2. Wide Area Network (WAN). You can think of this as “Wide Open Network” because if it’s left on default, this setting allows a hacker anywhere out there on the Internet to “see” your settings. The default setting needs to be reset to turn the WAN switch off. This locks down your network to just computers with your network safe password. You can work online but no wireless hitchhikers can join in.

3. Universal Plug and Play (UPnP). This lets you easily add devices like printers to your network. Unfortunately, it can also be used by a hacker to change your router’s settings even if you turned that WAN switch off. So, once you’ve added or set up your printer, turn off the Universal Plug and Play setting on the router, too. If you need to add another plug-and-play device, just turn it on while you do the setup and then close it again when you are done. (You should see a message “Add another device?” You select “No.”)

4. Encryption. There is a setting on wireless routers to encrypt all traffic between the router and connected computers. If the connection is not encrypted, any Wi-Fi capable computer in the area can connect to your router, use your Internet connection, and capture data traffic between the router and any of your connected computers. Choose WPA encryption and, again, a strong password.

It’s not just that you don’t want to share more than a cup of sugar with your next-door neighbor. Someone nearby may be using a simple eavesdropping tool called Firesheep—it’s a free Firefox extension that has been downloaded more than 1 million times since last year. And, of course, even without Firesheep, a moocher may decide to swipe your computer logons, passwords and account numbers. And in some countries, it’s reported that terrorists are using open Wi-Fi networks to run their cells.

The good news is that many new devices are now being shipped with a Wi-Fi Protected Setup that simplifies and standardizes the configuring and securing process of a Wi-Fi network. Look for a black-and-white logo on the box that says “Wi-Fi Protected Setup” and then follow the instructions.

Here’s to some really good private time with your computer when you’re home!

Sheila M. Blackford is an attorney and Practice Management Advisor for the Oregon State Bar Professional Liability Fund. She writes the Just Oregon Lawyers Blog.

share TWEET PIN IT SHARE share share
Sheila Blackford Sheila Blackford

Sheila M. Blackford is an attorney and Practice Management Advisor for the Oregon State Bar Professional Liability Fund. She received her J.D. with Tax Law Concentration from McGeorge School of Law. She is the author of the ABA book “Trust Accounting in One Hour For Lawyers,” co-author of “Paperless in One Hour for Lawyers,” and a past Editor-in-Chief of the ABA’s Law Practice magazine. Sheila is a Fellow of the American Bar Foundation and member of the OSB eCourt Task Force and Public Service Advisory Committee. She writes the Just Oregon Lawyers Blog. Follow her @SheilaBlackford.

 

Comments