Making your network more secure
In this articleIf you are setting up a home or small office network, here are some best practices you can follow to enhance the security of your computer and your network.
General network security recommendations
The following are general security guidelines for all home and small office networks.
Keep your computer up to date
To help keep the computers on your network safer, turn on automatic updating on each computer. Windows can automatically install important and recommended updates, or important updates only. Important updates provide significant benefits, such as improved security and reliability. Recommended updates can address non-critical problems and help enhance your computing experience. Optional updates are not downloaded or installed automatically.
For more information, see Understanding Windows automatic updating and Turn automatic updating on or off.
Use a firewall
A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.
Turn Windows Firewall on or off
Run antivirus software on each computer
Firewalls help keep out worms and hackers, but they're not designed to protect against viruses; so you should install and use antivirus software. Viruses can come from attachments in e‑mail messages, files on CDs or DVDs, or files downloaded from the Internet. Make sure that the antivirus software is up to date and set to scan your computer regularly.
Use a router to share an Internet connection
Consider using a router (also called a residential gateway device) to share an Internet connection. These devices usually have built-in firewalls and other features that can help keep your network better protected against hackers.
Don't stay logged on as an administrator
When you are using programs that require Internet access, such as a web browser or an e‑mail program, we recommend that you log on as a standard user rather than an administrator. That's because many viruses and worms can't be stored and run on your computer unless you're logged on as an administrator.
Why use a standard user account instead of an administrator account?
Wireless network security recommendations
If you have a wireless network, there are some additional security precautions that you should take.
Use a network security key
If you have a wireless network, you should set up a network security key, which turns on encryption. With encryption, people can't connect to your network without the security key. Also, any information that is sent across your network is encrypted so that only computers that have the key to decrypt the information can read it. This can help avert attempts to access your network and files without your permission. Common wireless network encryption methods are Wi-Fi Protected Access (WPA) and WPA2. For more information, see Set up a security key for a wireless network.
Change the default administrator name and password on your router or access point
If you have a router or access point, you probably used a default name and password to set up the equipment. Most manufacturers use the same default name and password for all of their equipment, which someone could use to access your router or access point without you knowing it. To avoid that risk, change the default administrator user name and password for your router. Check the information that came with your device for instructions about how to change the name and password.
Change the default SSID
Routers and access points use a wireless network name known as a service set identifier (SSID). Most manufacturers use the same SSID for all of their routers and access points. We recommend that you change the default SSID to keep your wireless network from overlapping with other wireless networks that might be using the default SSID. It makes it easier for you to identify which wireless network is yours, if there is more than one nearby, because the SSID is typically shown in the list of available networks. Check the information that came with your device for instructions about how to change the default SSID.
Position your router or access point carefully
Wireless signals can transmit a few hundred feet, so the signal from your network could be broadcast outside of your home. You can help limit the area that your wireless signal reaches by positioning your router or access point close to the center of your home rather than near an outside wall or window.
Router
A device that sends, or routes, information between two networks (for example, between a home network and the Internet). Routers find the quickest paths for sending information, which makes network connections faster. Routers can be wired or wireless.
Administrator
__elbasuer__
Administrator
A person responsible for planning, configuring, and managing the day-to-day operation of a computer network.
Access point
A device used to connect wireless computers and other wireless devices to a wired network.
Network security key
__elbasuer__
Network security key
A password that can help protect wireless networks from unauthorized access. A network security key encrypts information sent from one network computer to another so that the information can only be read by someone who has the key.
Worm
A self-replicating program, similar to a virus. A worm can make it possible for a malicious user to take over your computer or can send out enough copies of itself to cause your computer or a web or network server to stop responding.
Virus
A malicious computer program designed specifically to replicate itself and spread from computer to computer. A virus may damage hardware, software, or data.
Network
A group of computers or other devices, such as printers and scanners, that communicate either wirelessly or by using a physical connection, such as an Ethernet cable or a phone line.
Encryption
A way to enhance the security of a message or file by scrambling the contents so that it can be read only by someone who has the appropriate key to unscramble it.
Firewall
Software or hardware that can help protect a computer from hackers or malicious software. A firewall helps prevent malicious software (such as worms) from gaining access to a computer through a network or over the Internet, and helps prevent a computer from sending malicious software to other computers.
Service set identifier (SSID)
__elbasuer__
Service set identifier (SSID)
A unique set of letters or numbers that identifies a wireless network. For a computer or device to connect to a wireless network, it must supply that network's SSID. An SSID can be up to 32 characters. SSIDs are sometimes called network names.
Malicious software
__elbasuer__
Malicious software
Software designed to deliberately harm your computer. For example, viruses, worms, and Trojan horses are malicious software. Also known as malware.
Help and How-to
