Windows 7 / Networking

Enhancing Network Security

Networks connect computers to each other and to the outside world (the Internet). This exposes your computer and network to all sorts of threats from outside, and even from other users within the network. This section highlights some security issues and solutions specific to home networks.

A home network is only as safe as its weakest link, whether that link be a particular user or a particular machine. The following list of ten good ways to make your network safer is by no means all that you should do to protect your network, but are good practices that are worth the time and effort.

  • Use a wireless encryption key for your wireless router. When you install a wireless router, follow the instructions to create a wireless encryption key. Though there are several types of encryption methods offered with similar-sounding names, avoid using WEP, which is older and not very secure. Use WPA2. If you don't encrypt your wireless router, anybody can tap into your wireless network if they can get within range. Some of the newer wireless routers have a very large range. For example, when I turn on a laptop at home with wireless networking turned on, my computer detects anywhere from one to four other wireless networks from neighboring houses. If I can see their wireless networks, they can see mine. If you live in a higher-density neighborhood, such as apartments or dormitories, you will see many more nearby networks, and more people will detect yours.
  • When using public wireless hotspots, assume the worst and use the highest security settings. When you first connect to a wireless hotspot, Windows may prompt you to verify whether you feel safe connecting to this new unknown connection. Even if you do trust the Wi-Fi service provider, use the Public profile recommended by Windows. Whether it be a free service at your library or a subscription service at your local coffee shop, assume that somebody could intercept your data as you surf the Internet or use your e-mail. Do not perform any kind of banking, financial, or shopping tasks from a public hotspot.
  • Restrict what types of programs users on your network can download and install. Free doesn't always mean free. A free screensaver program may have a virus or spyware embedded in it. Popular file-sharing services for swapping videos or music files may require unsafe access through your Windows firewall, and some of these services may violate copyright laws. Downloading lots of videos may soon take up a lot of your hard disk or storage space.
  • Make sure all computers on the network are up-to-date with the latest Windows updates, antivirus, and antispyware software. Turn on automatic updating for any of these types of programs. One unprotected computer on your network can easily infect other protected computers on your network because within a network, computers trust each other more than they do computers outside the network.
  • Make sure all users have their own accounts, and that all accounts on all computers require a password. If your laptop or desktop PC gets lost or stolen, it does no good to have passwords for most of the user accounts if one has no password. Hackers could access your passwordprotected accounts by logging on with the account that has no password.
  • Make sure you have a password reset disk for every computer on your network. If everybody or most users have administrator-level permissions on a computer, they may be able to change the passwords of other users on the computer. With a password reset disk, you can recover control over your computer.
  • Do not give anybody any passwords for any account on your computers. Set up a guest account for limited access to web browsing or e-mail. Typically, when you log in with your user account, you also have other programs that have your personal user accounts such as email, instant messaging, websites, shopping sites, and so forth. Some of these accounts, or Windows, may offer to remember to save your name and password so that you don't have to enter it the next time you visit the site or check the e-mail account. If you give somebody access to your user account, you also give them access to any account with a saved password. If you have a short-term visitor, you can set up a limited guest account. If they are going to be visiting longer term, you can set up a regular user account on the computer, and then remove the account when they leave.
  • Back up every computer and storage device with another computer or storage device. Windows 7 provides backup and recovery software that will help you protect the data on your computer. The Windows operating system and applications can be reinstalled from the original disks. But unless you back up your pictures, files, documents, music, videos, and so forth, you won't have any way to recover them if your computer crashes, is stolen, or is irreparably damaged. Saving all of your important files on an external drive or storage device is not enough. If the only place you store important files for long-term storage and safekeeping is a single storage device, you need to back up that storage device too. Most backup programs send the backups to a separate location from the original place the data came from. Many external hard drives and storage devices (such as network-attached storage) come with or have built-in backup and recovery programs. Use them.
  • Do not share everything with every user on the home network. People accidently delete or move files all the time. One of the reasons for having separate user accounts is so that you can control access to your files. If a member of your family has just about filled up the hard drive with downloaded videos, you don't want them to start deleting your stuff to make room for their downloads. Use Public folders for files that you want to share with other users, or be selective such as sharing your music, pictures, and video folders, but not your other documents.
  • Encourage every user on your home network to use the same user account name and password on every computer they use in the network.
[Previous] [Contents]

In this tutorial:

  1. Basic Networking
  2. Understanding Networks in Windows 7
  3. Network in Windows
  4. Browsing the network
  5. Turning on network discovery
  6. Homegroups Sharing
  7. How to Share More Folders
  8. Advanced Sharing
  9. Sharing printers on a home network
  10. Installing a shared printer
  11. Network Troubleshooting
  12. Windows 7 and Domains
  13. File Sharing with Windows XP
  14. File Sharing with Mac OS X
  15. Enhancing Network Security