LOADING...

What Smart Home Users Can Do to Stay Secure and How Manufacturers Can Help Them

Who is ultimately responsible for securing smarthomes: buyers or manufacturers?

Each new IoT device you bring into your home increases the risk of security breach. Each and every one. Say it again: “Internet of Things”, with the emphasis on Internet. If anything is connected to Internet, it will be hacked sooner or later.

Okay, you’ll ask, what’s the big deal if someone messes with my fitness band or my smart light switch? If it stops working properly, I’ll just replace it.

True, the value of a single light switch, even a smart one, is not that damaging, however, this is just the surface of the problem. It’s not your little device the hackers are after, it’s the information it can yield. A hacked fitness tracker can reveal the owner’s training patterns and show when they are not at home. And when a device is part of a network, which is always the case in smart homes, the hackers literally get access to an ocean of data. Each network is only as secure as its weakest link, and the bad guys only need a small breach to get everything under control. Remember, the Death Star was destroyed with a rocket launched into a small exhaust port.

But don’t panic, this does not mean that we all are helplessly exposed to hackers who always seem to be one step ahead. No, it’s us who have to get ahead and be proactive about securing and protecting your property (and yes, information is your most valuable property!).

So, what can we do about our IoT to ensure that these “things” actually serve us rather than pose all sorts of risks?

Wi-Fi Network Security

Your Wi-Fi network is your security perimeter, it is where your internal systems come close to the Internet with the capital “I” where the bad guys are lying in wait. So, start your smart home security with securing your Wi-Fi network.

Do not put all eggs in the same basket

Or, in terms of the smart home security, do not hook everything to the same Wi-Fi network. Look for a router supporting multiple SSIDs (TP-Link routers have such functionality). When setting up your Wi-Fi networks, make sure that the devices through which you work and access your bank accounts and your smart home devices are served by different networks. This way, should your smart home ever be compromised, your most sensitive information will remain secure.

Note for the manufacturer: think of bringing Wi-Fi routers with multiple SSID support from enterprise product ranges into mass-market.

Passwords: to change or not to change

The common recommendation is that passwords should be changed on a regular basis, preferably, once every two or three months. This practice is supposed to prevent hackers from brute-forcing the passwords. However, recent research is going to pull the carpet from under this advice. New passwords are made by users, and when a user is forced to change the password every 60 days, they quickly become overwhelmed and irritated (we are not supposed to write passwords down, are we?). As the result, each new password is a variation of the previous one with small adaptations, for example “myname_1” instead of “myname1”. Such password transformations can create rather long chains.

As the result, the system is at a greater risk, as the user’s passwords become predictable and, therefore, easier to break. However, a different password policy can be applied to ensure higher protection:

  • Aim for strong passwords (at least 12 characters of length, containing combinations of uppercase and lowercase letters, numbers, and special symbols, not explicitly associated with the user)
  • Always change the default password
  • Do not use the same password for different accounts (this especially concerns the different Wi-Fi networks we spoke before. These definitely must have VERY different passwords)
  • If you feel that the password has been somehow compromised, change it

Note for the manufacturer: help your users to manage password and maintain security. You can set the firmware to verify password strength and reject weak passwords or enable multi-factor authentication for increased protection.

Use Firewalls

You do not question the necessity of firewalls in corporate networks, so why should your smart home network be any different? It is a network of many devices and it is connected to Internet, so it definitely needs a firewall, too.

In smart home solutions, you can install a firewall either as a standalone device or as a piece of software supplied together with your Wi-Fi router. In both cases, you will be able to monitor your incoming and outgoing traffic and restrict it, if needed. Use the firewall to allow traffic only to and from the specific device ports and using only the specified network protocols.

Since most smart devices have no built-in protection against breaches or virus attacks, a good solution may be adding one more device to your smart home network — a standalone firewall device which can combine multiple functions.

Check, for example, CUJO — a small device which is both cute and powerful. CUJO can protect all smart devices in your home from external attacks and also restrict access to potentially harmful websites, thus taking over the parental control functions.

Note for the manufacturer: if you produce IoT devices, specify the allowed and restricted ports, protocols and IP addresses in the device description. Avoid configuring devices so that they require unrestricted Internet access.

Security within the Perimeter

No matter how good the network security is, if the devices within it are vulnerable, the entire system may be in danger. There are some simple but effective measures which you can take to protect your IoT devices and, as the result, your whole smart home system.

“Need to Know” Principle

While setting up each device, check its connectivity, especially, the options enabled by default. Disable everything which is not immediately needed — if you do not need remote access right now, switch it off. If a device can connect to a social network, do not store your credentials “just in case”. If you ever need to post on Facebook through your TV, you will enter the credentials then.

The rule of thumb here is simple — configure only the access paths you are going to need and disable everything else.

Note for the manufacturer: avoid shipping devices with remote access enabled by default to make sure it is not overlooked.

Check the Firmware and Applications

Many smart devices come with special factory-installed firmware. Manufacturers always continue developing and improving the firmware either to add some useful features or to fix the detected issues. It is important to update your device firmware whenever a new version or patch is available, because in many cases they contain fixes for security vulnerabilities. Be proactive and check the official websites for updates to ensure better protection of your smart home system.

Another thing is to protect your smartphones and other mobile devices which you use to control your smart home. They are another channel through which hackers can get in, so, first, watch out what you are installing on your mobile device and, second, do install security software and update it regularly to take care of the most recent malware.

Note to the manufacturer: push patches and firmware updates as soon as you find security vulnerabilities and the ways to fix them.

Is It Really That Bad?

If IoT is so vulnerable to hacker attacks, wouldn’t it be wise to get rid of all smart things once and for all? If, according to a research, 75% of smart locks can be broken into, would we be safer if we returned to the good old bars across the door?

Definitely, not. Smart devices are meant to bring us peace and free our time rather than cause us anxiety and nervousness. The IoT industry is on the rise but it has not yet reached its cruising altitude, so a lot of effort is now made to keep it as secure as possible. However, hackers are not sitting idle, either, so smart home owners should take active safety measures and stay tuned for the hottest news from the cybersecurity universe.