At a minimum, telework computers should have personal firewall software installed. A wired or wireless router hardware device with firewall features will provide an additional layer of security between the ISP and the telework computer.

There are three basic types of hardware devices that include firewalls for home users including wired routers, wireless routers, and broadband gateways. These devices can be used in addition to a software firewall and can also be used to create a home computer network. Popular vendors for these hardware devices include D-Link, Linksys, NetGear, ZoneAlarm, and Apple. Recommended best practices for securing these devices include the following tips:

  • Change default passwords
  • Restrict remote access to the device and disable remote administration
  • Periodically check for and apply firmware updates
Home users should take additional precautions in securing wireless devices:
  • Use strong encryption to protect communications. Recommended choices in preferred order are as follows:
  • WPA2 with AES
  • WPA with AES
  • WPA with Temporal Key Integrity Protocol (TKIP).
  • Restrict access to the wireless network to only allow specifically authorized devices
  • Change the default service set identifier (SSID)
  • Disable SSID broadcasts from the wireless access point
  • Disable administration of the access point through wireless communications

The Windows 7, Vista, and XP operating systems include built-in firewalls that are enabled by default to block threats from the Internet. Teleworkers should leave this feature turned on unless it is replaced with third-party software and/or hardware.

All personal firewalls can monitor incoming communications. Some can also monitor outbound communications to provide better security, but this may cause problems in using certain applications when trying to distinguish between threats and legitimate software. Ideally, personal firewalls should deny all types of communications that teleworkers have not specifically approved as being permitted. Some examples of third-party software firewalls available for Windows computers include the following:

  • ZoneAlarm by Check Point (free and retail versions available)
  • F-Secure Internet Security
  • Comodo Internet Security (free and retail versions available)
  • Outpost Firewall Pro (free and retail versions available)

Apple Mac OS X also comes with a built-in firewall, which provides protection to monitor and block incoming network traffic. Third-party firewall configuration tools such as NoobProof (for beginners) and WaterRoof (for advanced users) are available as free downloads to assist in firewall setup. To enhance the Mac OS X firewall, the following third-party software is available to provide fine-grained control of system services, enhanced logging, and outbound threat protection:

  • The DoorStop X Firewall (free trial and retail versions available)
  • Little Snitch (free trial and retail versions available)

Thanks to Heather for this excellent post!