How To Best Protect Your Data If You Have Smart IoT Devices (10 Simple Tips)
The Internet of Things is a new wave in technology. Now, you can connect nearly every aspect of your home to the Internet, making your possessions “smart” and able to be controlled remotely. However, this advancement comes with serious risks. There are no security standards for the Internet of Things (IoT), and many low-cost manufacturers eschew even basic security measures. That means your personal data may be at risk. Even if you aren’t too worried about someone learning how you like your coffee, it’s possible for attackers to gather other sensitive info from your home network, simply by accessing an Internet-connected smart device. Here are some basic steps you can take to protect your personal information while enjoying the benefits of the Internet of Things.
Why is the Internet of Things so insecure?
Simply put, because people are willing to buy insecure devices. Most people don’t know what a botnet is, so they don’t worry about their coffee machine sending hundreds of thousands of spam emails (which is something that really happened, by the way!) Customers aren’t willing to pay extra for secure products because they don’t realize how important security is.
Since companies know they can get away with selling at-risk products, there’s no incentive for them to act responsibly and patch security loopholes before their products hit the shelves. That means it is your responsibility to look out for your personal security—no one else will do it for you.
Step 0: See If You’re Already Being Attacked!
Use this Internet of Things scanner to see if any of your devices are known malware targets. If the scanner returns a positive result, your device is almost certainly compromised by hackers. Take it offline immediately, and figure out how to secure it. If it can’t be secured, see about returning it and replacing it with a more-secure model.
Step 1: Buy From Reputable Manufacturers
There are no consensus standards for how to secure the Internet of Things, so you have to make sure you buy a device from a company with a commitment to protecting your data. Belkin, Samsung and LG are good examples. If in doubt, Google “[company] + IoT security” and see if you can find a webpage describing the security measures taken by a manufacturer. If the manufacturer provides automatic software updates, that’s a good sign that they’re concerned about security.
Buying from a startup can be attractive, but there’s always a risk that it will go under and leave you with an expensive, insecure device that will never be fixed. Older companies are more stable and usually better at handling customer concerns. It’s worth spending a little more for a brand name in this case.
If possible, choose a single company to get all your devices from. If your smart home runs on five different platforms, then if even one gets compromised your entire network can be attacked. If you are loyal to a single platform, like Amazon Alexa or Google Home, you are a little safer.
Step 2: Secure Your Home Wi-Fi Network
Check out the settings on your home router. If you’re using Wired Equivalent Privacy (WEP) to secure your network, you are at risk of being attacked. The WEP standard is easy to break through. Instead, switch your security method to WPA2 (Wi-Fi Protected Access II), which is a newer, so-far-unbreakable security standard. While you’re in the settings panel, make sure you have a sophisticated, strong password on your network. Otherwise, anyone could change your Wi-Fi settings! Check the router manufacturer’s website for firmware updates that can make your router, and your network, more secure.
If your network name includes personal details, like “Smith Family Internet,” change it immediately! Attackers can use this information to learn more about you and maybe figure out your security questions or passwords.
Another really good step is to create a second Wi-Fi network just for your IoT devices. Older routers might not be capable of running multiple networks, but it’s a worthwhile investment to upgrade to a newer one that can handle two networks. Both networks should have a strong firewall.
Step 3: Change Your Device Passwords ASAP
Every IoT device comes with a default password that’s usually really easy to guess (We’re talking “password” or “12345,” here.) If you keep the default password, you are a sitting duck for hackers. As soon as you start device setup, change the password to something unique. The harder it is for an attacker to guess your password, the more likely it is that they’ll give up and focus on easier targets.
It’s important that you do this right away, because your device can be taken over by a hacker in just two minutes after you connect it to the internet. Don’t procrastinate on changing passwords!
Step 4: Limit The Connections Your Smart Devices Can Make
Your toaster doesn’t need unlimited access to your home network, much less the whole Internet. Some smart device software can limit your devices to communicating only with other IoT devices within your own home. That means you aren’t at risk of being looped into a botnet.
Carefully consider what purpose you want your devices to serve, and only grant them permissions related to that purpose. Don’t hand over your social media passwords to a device that you don’t want to post to social media!
Step 5: Keep Your IoT Devices Updated
Bookmark the webpages for the IoT devices you own. Once a month or so, check for new firmware for your devices. If there’s an update available, install it immediately. It almost certainly includes security patches that will protect you and your network.
Step 6: Set Up A VPN On Your Router
A Virtual Private Network (VPN) disguises your Internet traffic. If you put one on your router, it will protect every device on your home network—from your laptop to your light switch. Most VPNs offer comparable features, so the decision will come down to price and speed. Look for a VPN that won’t slow down your connections too much. A subscription that costs more than $20 a month is probably not a good deal.
Step 7: Choose Dumb Devices (sometimes)
The more smart devices you have, the more risk you face, period. So if you can live with a non-Internet connected version of something, it might be worthwhile until IoT manufacturers get their security issues worked out. Or if you have multiple devices that overlap in function—a smart TV and an Xbox, for example—consider only attaching one of them to the Internet. You don’t need to connect the Netflix app on your TV if the Netflix app on your Xbox works just as well.
Step 8: Buy A Specialised Router To Protect Your Devices
Some manufacturers like Bitdefender and Norton have developed routers specifically designed to protect your IoT devices from attacks. If your whole home is Internet-connected, consider shelling out for a high-security router to protect you from hackers.
Step 9: Fiddle With The Settings On Your Smart Devices
Check out the default settings on each of your IoT devices. Are you satisfied with them? If not, change them to be more privacy-conscious. If you can enable two-step verification, do so. This step should be done after the more important ones above.
Having a smart home should be fun, and by taking these simple steps you can focus on your fully-automated luxury lifestyle, instead of fretting about security. Good luck!