Avoiding the MAC attack

By now your home/small business router is pretty secure. No one can find your network by searching for available wireless networks because the SSID isn’t being broadcast. If they do happen to find it, they’ll find they have to provide a key phrase at least 8 characters long to access it.

Let’s say you had a party at your house and someone was able to watch you log into your network, or an ex-employee is still using his credentials to log in and download movies on your office network. How can we keep people out who know their way around the castle walls?

There are two settings in your router that will help.

Look for an option that provides MAC (Media Access Control) filtering. It’s usually on the Security or Filter tab. Every electronic device that connects to your network, wired and wireless, has a quasi-unique MAC address. This is nothing more than an identifying number, expressed as six groups of two hexadecimal digits, separated by hyphens or colons, in transmission order, e.g. 01-30-45-65-87-ab or 01:30:45:65:87:ab.

Your router can tell you the MAC address of each device on your network. MAC filtering limits access to the network to only those machines with pre-approved addresses. If you create a filter that allows only 01-30-45-65-87-ab to access your network, all other machines with different MAC addresses will be locked out. This again isn’t foolproof: MAC addresses can be spoofed. But few people would bother to go to the trouble of doing that just to gain access to the typical home/small business network.
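As an added example (not part of the original post), this Python script checks addresses copied from a router's client table against the filter list, accepting both notations described above. The function names and sample addresses are constructed for illustration, and the check for software-assigned addresses goes slightly beyond what the post covers.

```python
import re

# Six two-digit hex groups joined by one consistent separator ("-" or ":").
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([-:])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")

def normalize_mac(text):
    """Return lowercase colon-separated octets, or None if the text is malformed."""
    text = text.strip()
    if not _MAC_RE.match(text):
        return None
    return text.replace("-", ":").lower()

def is_locally_administered(mac):
    """True if bit 0x02 of the first octet is set.

    That bit marks an address assigned in software rather than by the
    manufacturer, e.g. by a phone's privacy randomization or a manual override.
    """
    return bool(int(mac[:2], 16) & 0x02)

def audit(allowlist, seen):
    """Sort the addresses the router reports into categories for review."""
    allowed = {normalize_mac(m) for m in allowlist} - {None}
    report = {"allowed": [], "unknown": [], "malformed": [], "software_assigned": []}
    for raw in seen:
        mac = normalize_mac(raw)
        if mac is None:
            report["malformed"].append(raw)
            continue
        report["allowed" if mac in allowed else "unknown"].append(mac)
        if is_locally_administered(mac):
            report["software_assigned"].append(mac)
    return report

# Constructed sample data: the filter list holds the post's example address;
# SEEN imitates entries copied by hand from a router's client table.
ALLOWLIST = ["01-30-45-65-87-ab"]
SEEN = ["01:30:45:65:87:AB", "3a-5f-10-22-9c-04", "00:00:5e:00:53:10", "01-30-45-65-87"]

if __name__ == "__main__":
    for category, items in audit(ALLOWLIST, SEEN).items():
        print(f"{category}: {items}")
```

An entry under "allowed" only means the address matches the list; because addresses can be copied, unexpected activity from an allowed address still deserves a look.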

Another way to prevent abuse of your wireless network is to schedule availability. This is usually listed as Access Control. If you shut off all internet traffic between, for example, midnight and 7 AM, no one will be able to use your network to access the internet while you’re asleep or your business is closed. This also limits the opportunities for hackers to attack your network from the internet side.

Let’s recap: Your router’s SSID is unique and not being broadcast, you’ve changed the router’s password and IP address. Only machines with registered MAC addresses are allowed on your network, and the network itself is only available from 7 AM to 11 PM. You are using WPA2 for security with a pre-shared key at least eight characters in length.

While there are other more obscure steps you can take to further tie down your network, the above will provide you with enough security to keep out all but the most determined intruders.

Tomorrow we’ll begin discussing securing your laptop. Portable computers these days have just as many important files and documents as home computers. Once again I have to say that it is virtually impossible to absolutely secure the information stored on your laptop’s hard drive should you lose your computer. But we can take steps that will make the task sufficiently difficult that most people stealing or misappropriating your laptop will simply toss your hard drive away and install their own. You will still be without your computer, but at least you’ll be reasonably assured that the information it contains hasn’t been accessed.


This entry was posted on Thursday, January 8th, 2009 at 12:43 pm and is filed under Information, Networking, Security.