As smart home technology is becoming increasingly popular, the number of attacks on Internet of Things devices is on the rise. A recent spate of incidents involving consumer IoT devices has seen malicious users gaining access to home networks through holes in device security. Many consumers may now be reluctant to use IoT devices, even though many of those breaches were due to poor user setup.
IoT has a large role to play in the future of home devices, so avoiding the technology doesn’t benefit users in the long run. Users who can properly secure their devices can enjoy their benefits with peace of mind. Below, 14 professionals from Forbes Technology Council examine the critical steps users can take to secure their home technology and security systems from being hacked.
1. Think Before You Buy
While smart devices are convenient, they collect a substantial amount of personal data. To protect yourself, learn what kind of data is collected, how it’s stored and protected, how it’s used, and if it will be shared with third parties. Do your research before purchasing a device to see what protections you have against data breaches from your system. – Stephen Ufford, Trulioo
2. Don’t Use The Defaults
In the ’90s, “The Club” was a popular deterrent that people put in their cars to prevent theft. It didn’t eliminate theft, and it was fairly easy to bypass, but it was an obstacle to overcome. Similarly, default settings on IoT devices make you an easy target. Change the defaults as a baseline—even just changing the password is easy and reduces risk. – Michael Zaic, Wild Sky Media
3. Take Proactive Security Measures
The proliferation of IoT devices requires consumers to go back to the basics of home networking, like isolating Wi-Fi zones, establishing strong passwords and checking monthly usage to identify anomalies. Keeping an eye out for any public disclosure of vulnerabilities in the specific platform that one may be using will help fix issues before they cause any personal damage. – Kris Lahiri, Egnyte
4. Treat Your Data Like You Treat Your Money
Every time you add a new device to the IoT, you’re adding a new vulnerability. Until we change the current paradigm of app integrations and data copying, it’s not going to get any better. The advice I always give is to think of your data like it’s your money. Every time an app asks for permission to access your data, imagine it was asking to access your money instead. Would you still do it? – Dan Demers, Cinchy
5. Make Sure You Get Proper Security Training
The issue with introducing tech into the home is the lack of education. There is little provided today to consumers about what to do to protect their household from cyberattacks at the time of purchase or when researching a product. User manuals should not only provide the “how to install,” but also the “how to secure,” and installers should offer cybersecurity services and training to consumers. – Juliette Rizkallah, SailPoint
6. Get your setup audited.
It can be difficult to make complex systems easy to use or understand—especially when they need to function in an unknown environment set up by non-technical people. Most companies do their best but can’t cover all the possibilities. I suggest people have their home IT systems audited by a security professional, and that we start making inexpensive professional home security services. – Chris Kirby, Retired
7. Separate Your Home And Guest Networks
Use the guest network (common on all modern wireless systems) to set up your home gadgets, IoT devices, personal voice assistants, cameras, etc. These guest networks are separate from the main one. Also, run through the installation instructions and change the default passwords on your new devices! – Ian Amit, Cimpress
8. Choose Local Storage Instead Of The Cloud
Most IoT cameras and doorbells assume storage in the cloud and open the home to outside penetration. With cheap local storage now common, cameras like those by Eufy don’t require subscription fees and explicitly value privacy over price. Simply choosing a better device is likely to yield more security without compromising functionality. – David Cassidy, TCG, Inc.
9. Use A Security-Focused Router
Few modern IoT devices are designed with increased security in mind. One precautionary approach to prevent them from being hacked is to use a security-focused router that regularly scans for vulnerabilities and supports network segmentation that isolates riskier devices on a different virtual local area network. This limits the exposure of personal data and sensitive information. – Christopher Yang, Corporate Travel Management
10. Update And Authenticate
The two most important things you can do to improve the security of IoT devices in your home are: 1) Update and patch the software, and 2) Use the strongest authentication possible. This means using two-factor authentication if possible. Always change the default password and ensure it is long, complex and very difficult to guess. – Caroline Wong, Cobalt.io
11. Get A Password Manager
To gain control of a device, the hacker needs certain information from you. Many of these instances come when default passwords are used or simple phrases are used. I recommend a password manager and a second-factor authentication app (rather than mobile phone SMS) to control access. These will deter the drive-by hacker by increasing the amount of work they have to put into hacking you. – Richard Davis, Katalyst Data Management
12. Use A VPN With Two-Factor Authentication
More sophisticated virtual private network (VPN) technology is finding its way to consumers, and they should use it. VPN technology effectively eliminates the potential for hackers to break in and steal confidential information by creating strongly encrypted tunnels from each device to the internet. Combining VPNs with two-factor authentication is a great starting point for consumers to sleep better at night. – Abe Ankumah, Nyansa
13. Don’t Forget To Protect Your Mobile Phone
Most home smart technology and security systems can be controlled by an app on your mobile phone, so you can’t forget about protecting your smartphone. Be sure you have your smartphone password-protected so that if your phone is lost or stolen, no one will be able to access your home smart tech or security system apps. – Thomas Griffin, OptinMonster
14. Demand Proven Security From The Get-Go
Do research to select products that have a proven track record, continue to update and take recommended precautions. Insist that if you have security concerns they are addressed. If every person an IoT company sold to opened a support request about a potential security threat it would definitely grab their attention. We need all IoT companies to get on board and make security first a priority. – John Ohlwiler, Sentry Technology Solutions