Whereas smart home automation can make your life more comfortable and efficient, connecting everyday devices to the Internet may cause some concern. Sorry to say, any Internet of Things (IoT) device connected to the Internet has the potential to be hacked.
But this should not stop you from buying your favorite gadgets or go to extremes and sell all your stuff. Even though you might be somewhat wary of cybersecurity, there are some precautions you can take to keep your smart home safe.
How to protect your smart home
Unfortunately, cybercrime is a constant threat. Cybercriminals commit online crimes, targeting computer networks or smart devices. It can range from identity theft to security breaches of your camera’s live feeds, like the infamous Ring camera’s hijacking.
The intrusion was part of a series of security breaches involving Ring’s home security cameras. The company has attributed these episodes to hackers gaining login account credentials. It only takes a username and password for cyber thieves to gain access to any Internet of Things (IoT) devices.
But if you stop and read about every new threat surfacing regularly, you might be tempted to stop using the Internet altogether. That is probably too drastic, especially if you think about how technology helps your everyday tasks be more enjoyable and cost-effective.
Instead, taking a few safety measures can go a long way. As companies create more secure devices and develop better safety protocols, you can do your part. Any person using the Internet or connected devices (like home security systems) should practice the necessary precautions recommended in this article.
Here are some of the best practices every smart homeowner should know and follow:
Before you rush to order the latest video doorbell or smart lock, think about what you expect out of a smart home. Find a balance between convenience and security, so you can truly enjoy the perks of having a house full of smart devices.
For instance, buying a smart speaker might be a must-have on your wish list. The convenience of having a virtual assistant you can ask to arm your security system and lock the doors may be your ultimate goal. But some customers don’t want an imaginary friend that is always listening to all your conversations.
When looking for new devices to add to your smart home ecosystem, check what security features the company offers. Most leading brands already have strict and up-to-date software in play to meet security standards.
For unfamiliar brands, read a couple of reviews from trustworthy websites and publications. It can be a little bit of a hassle, but in the long run, it can bring to light any potential issues the unknown devices have presented in the past.
Creating passwords for networks and smart devices
You go all out and buy the latest smart home products in the market. Would you lock them behind with a cheap lock you purchased at a gas station? I don’t think so. The same goes for passwords: they are the deadbolt behind all your security information.
Creating unique complex passwords is essential to stop hackers from accessing your information. Simple passwords make cyber thieves’ job easy, granting access to your network and connected devices. But how do you know your password is complex enough to protect all your data?
There are some easy recommendations you can follow when creating passwords. Here’s a rundown of some of the most important tips:
Use strong and complex passwords
The longer the password, the more difficult it is to crack! Use 8-12 characters, combining uppercase and lowercase letters, numbers, and symbols. Steer clear of common words that are easy to guess, like the classic “12345” combo.
Also, avoid weak passwords that use a pet’s name, birthdays, or anniversary dates. Even though it might be tempting to use a simple password to remember it, it also makes it easy for cybercriminals to hack into your account.
Don’t write your password down
This is a big no-no! It is a huge security risk to have a notebook at hand with all your passwords written down. You would be surprised at how many people have their usernames and passwords written down on post-its as their “secure measure.”
If some criminal walks into your office and search your desk, you are in big trouble. You make their jobs a lot easier, cracking into your bank accounts or credit card history. If you struggle with generating and remembering passwords, use a password manager on your smartphone or computer.
Sign up for a password manager
Who can remember the passwords for all their smart devices at the top of their head? Especially if you try to remember a 12-letter word that only your subconscious could conjure. There is a more straightforward solution: Generate a complex password using an online password manager.
With a password manager, you won’t have to hit the “Forgot your password?” link each time you log in. They save you the hassle of remembering dozens of complicated passwords.
Password managers store all your usernames, passwords, bank accounts, form fills, and more. They generate random passwords that are difficult for cybercriminals to hack, even with the best technology.
Most password managers have similar features, and some of them are free to use. Companies like LastPass offer one of the best ways to manage passwords and save sites as you log in. Keeper is a paid password manager at the top of the game. It offers fantastic features like Secure File Storage to protect sensitive documents in a highly secure, encrypted digital vault.
Change your passwords frequently
We have been at fault for using the same password for every account. It makes it easier to remember it when you log in to your social media or go online for a shopping spree during Black Friday.
However, it is essential to know that once a cyber thief has your password, he will have access to all your profiles, including your security system. If your password is breached, frequent updates will swiftly render it useless.
That is why it is so important to have a password manager at hand. Password managers help you track how long since you last changed your password. It prevents cybercriminals from having continued access to your data.
A good practice is to change your password a couple of times a year to keep hackers at bay. You should do it about every three months or so for optimal results. You can even ask your Google Assistant to set a schedule to remind you of it.
Don’t share your passwords
It is one thing to share your passwords with a spouse, but it is recommended to keep them as private as you can. Don’t share them with people who don’t live in your home, or even your own children.
Kids may not be mature enough to understand the importance of security and the repercussions of sharing information with strangers. It may be an excellent time to talk to your children about the Internet and teach them acceptable uses without confiscating every smart device in your home.
It might also seem like a good idea to share your security code with your dog walker or a friendly neighbor who waters your plants; don’t do it! Instead, get smart devices and features that you can manage remotely or allow temporary guest passwords.
For instance, most security systems allow you to set up multiple users for every member of your family. You can create your own individual accounts without compromising the entire system. It is better than passing along a shared password at the annual family barbeque.
In case it is absolutely necessary to share your password, the best way to go about it is to send the user name via a text message (SMS). Then, send the password through other means like Skype or Slack. That way, you are not sending login password and user within the same route, making the hacking job a lot easier.
Change default usernames and passwords
Setting up a new device through the smartphone app may create a default username or account for you. One of the first things cybercriminals look for is a list of default usernames.
Hackers probably already know the default passwords that come with many smart products. It does half of their work for them, making it much easier to access your devices’ information.
As companies look to develop more secure devices, the “default username” setting is falling out of practice. Nowadays, you most likely will be asked to create an account using your email address and a two-step Authenticator. But in case you are not asked, changing the default username and password will take you off the list of easy targets.
Enable two-factor authentication
Now that you know how to set a strong password, what you really need is a second way to verify yourself. Take it one step further and enable two-factor authentication (sometimes called 2FA).
Two-factor authentication is like having two passwords for your accounts. No, we are not asking to remember double the amount of passwords; we can hardly remember one! Here’s how it works: a four or six-digit code is generated through an app like Google Authenticator and sent to your smartphone to confirm you are the account holder.
Many smart home devices like Amazon Echo and Google Nest now support 2FA. So even if a hacker gets his hands on your password, he won’t be able to log in to your account without the generated code.
If your smart device apps offer two-factor authentication, don’t hesitate to use it. When you get notifications of suspicious activity on your account, change your password immediately!
But imagine if you lose one of the two authentication devices. You might have a hard time accessing your accounts. Biometric scanners are a new way to use as a failsafe for two-factor authentication.
Biometric options like fingerprints or face recognition are a great addition to the safety scheme, providing a simple and secure way to log into your account. Unfortunately, not all smart devices have these features, so the unique numeric code will work just fine.
Keep your software up to date
After installing all your new toys and their respected passwords, it is time to get them up to speed. Although change can be terrifying, software updates are a good thing. Getting the latest firmware version for your devices will include updates designed to improve digital security and strengthen your defense line against malware and many other online threats.
When the manufacturer sends a software update notification, don’t snooze it. Companies roll out new features and bug fixes to patch a security flaw. Be sure to perform all software updates as soon as they’re available.
Some smart devices update when connected to Wi-Fi. But others require your “divine” intervention. You might have to visit their websites to check for them. See if you can configure your device to automatically run these updates or set a reminder to check them often (once a month is about right).
Running older software versions could leave you vulnerable to hackers seeking to take advantage of unpatched flaws. Fixing those flaws is extremely important with your internet security firmware, leaving no room for hackers to gain access to your operating system.
Routers also need to be updated periodically. We might focus on our new gadgets and forget to check the router settings to see if new updates are available. Router manufacturers update the firmware quite often, so make sure you also do it.
Don’t forget your smartphone and tablet! IoT makers also send updates for their equipment targeting mobile devices. Since you control most smart products through your smartphone, it is always a great idea to keep everything updated to stay on the safe side.
Upgrade your devices
Not every update is about software or firmware. Sometimes the equipment itself is a doorway to a security breach. It may be time to upgrade that old security camera your dad gave you for Christmas five years ago.
Newer models usually offer more robust security measures. Change generic equipment for something better. Every so often, saving money is not the end goal; you want trustworthy brands that have tested out all their gear beforehand.
Take, for example, a garage door opener. Maybe when you bought the house, the garage came with a universal remote control. It means that your neighbor might be able to open your garage door with his. You might want to change it straight away.
Replace outdated equipment as often as your budget allows. The performance may not be suffering, but the security almost certainly is. An aging device means aging security protocols that manufacturers may simply stop upgrading or discontinue its use.
Check the settings
Your smart devices might come with default privacy and security settings you might not need. Some apps collect data about how you use them. This could profit the manufacturer more than they benefit you.
Explore the device’s settings and deny app permissions of specific features you are not using, like location data and Bluetooth connectivity. You can always enable them if you get a smart home device that needs that particular technology.
Avoid public Wi-Fi networks
It might be tempting to manage your smart devices through your smartphone using the free Wi-Fi in a coffee shop. But if you are on public Wi-Fi, it may not be such a good idea. Many open Wi-Fi networks or hub spots don’t use passwords or leading encryption technology since it is expensive to secure a setup of that magnitude.
Other notable threats are rogue networks that look legit. For example, Wi-Fi connections in places like an airport or a park are the perfect opportunity for hackers to gain unauthorized access to your information. You might log into these “fake” networks that don’t require a password, allowing access to your sensitive data.
For quick commands like locking your smart lock or turning off the kitchen lights, it is better to use your cellular plan instead of a public network. It won’t use much data, so don’t worry about consuming your entire internet plan on one simple command.
What happens to more significant tasks like live streaming from your security cameras? The whole point of having them is to have access to your home at any moment, right? If you have unlimited data plans, then you are okay using your cell phone.
But not all of us want to spend too much money on an internet plan. There is an excellent solution to unsecured public Wi-Fi networks: use a Virtual Private Network (VPN).
Virtual Private Network (VPN)
Many companies like Norton include VPN with their antivirus programs. It adds an extra layer of protection to your network. Even if you don’t use it at home, it is recommended to use a VPN when connecting to a public network.
VPNs will encrypt all traffic leaving your devices and hide your IP address. It lets you establish a secure connection to other networks, allowing you to browse the web anonymously. Cybercriminals won’t be able to intercept anything but encrypted data.
A VPN is one of the best ways to secure your privacy at home or in a remote office. Only verified users can access the virtual network using passwords, two-factor authentication, biometrics, or other cryptographic measures.
You can access remote security networks while traveling without worrying about unwanted eyes lurking in. If you are away from the office, you can download files or access private data while using a public Wi-Fi network, guaranteeing a secure connection.
Protect your Home Wi-Fi network
We’ve talked about when you are away from home, but what about your own Wi-Fi connection? It is always a good idea to protect your network and communications, even if you think your router is already “secure.”
Change passwords and names
Out-of-the-box routers are either not very secure or use a generic password like “admin.” Remember to set a strong password the moment you connect the router. Also, change the Service Set Identifier (SSID), which is simply the name of your Wi-Fi network. It is the name that people will see when scanning for nearby networks.
Any device currently connected to your Wi-Fi network will be automatically signed out after you change the name. You will have to reconnect your smartphone, tablet, computers, or smart home devices using the new name and password.
Encrypt your network
Use a robust encryption method like Wi-Fi Protected Access 2 (WPA2) when you set up your Wi-Fi network access. WPA2 is the standard protocol most routers and home networks come with to keep your system protected. In case your device doesn’t have any encryption, you can do it locally using a computer or smartphone connected to the router.
Encryption is a way of scrambling data so that only the proper data owners can understand the information. It helps data breaches, whether it is sent, received, or at rest. It includes text messages on your smartphone, grandma’s secret recipe you kept on your smart fridge, or the banking information sent through an online account.
Massive amounts of personal information are sent online every day. From cloud services to email servers, it is an ongoing connection. That is why encryption is so important to keep all that data private and safe.
Another excellent security measure is to enable firewalls. It protects your network by analyzing and filtering incoming traffic and blocking suspicious sources to prevent cyberattacks on your computer.
Firewalls can either be software or hardware, guarding the traffic at a computer’s entry point (called ports) where information is exchanged with external devices. Software firewalls are programs installed on a computer; the hardware is a piece of security equipment set up between your network and gateway.
Having a firewall will automatically block malicious applications from communicating with other machines on your network. They also prevent unauthorized users from accessing your mails, the company’s website, or any delicate information you have stored on a cloud.
Split Up the Network
It is the holiday season, and you are expecting family and friends to stay with you. Should you give them access to your network? Do you want that many people accessing your security system or your emails?
Don’t worry, you won’t have to be rude. Many routers support a guest networking feature, creating a separate Wi-Fi network for your family and friends to use when visiting. This way, they can access the Internet, but not your network resources.
You can give your guest a password that is easy to remember and create a guest account on your tablet or laptop. They will feel welcome without the awkwardness of you refusing to give out your sacred Wi-Fi password.
Another great solution is to use a completely different Wi-Fi network devoted only to your IoT devices. It will keep your sensitive data on a separate scheme from your other smart devices. If you get hacked, the malware attacking your smart devices will not infect the devices on your leading network.
Splitting up your Wi-Fi network not only will it clear up bandwidth for Netflix fans in the family, but it will separate valuable information on your smartphone or laptop!
Detect phishing attacks
Phishing attacks are one of the most common scams cybercriminals use to make massive profits. Hackers use email, social media, and any other communication to steal sensitive information.
The United States Computer Emergency Readiness Team (US-CERT) defines Phishing as follows:
“Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.”
In simple terms, Phishing is a technique that uses deception, fraud, or con schemes to manipulate the victims into revealing personal information. For example, you might get an email from your Netflix account asking you to update credentials or your credit card information.
The email may look legit, and it will include a link that will take you to a website known for its privacy. Unfortunately, it is a duplicate image of a real company, but with zero confidentiality. The cybercriminal uses the information you facilitate to hack into your accounts and other Internet access.
Security companies, banks, and many more big companies like Apple never ask for private information through emails, let alone provide a link for you to click. The less knowledgeable or overconfident users may fall for these scams; hackers are counting on them.
Phishing has been around almost as long as the launch of the Internet. And with social media and smartphones taking over a big part of our cyber life, they will not go away any time soon. But that doesn’t mean you can’t protect yourself; here are some basic guidelines you can stick to:
• It is okay to click on links from trusted sites, but not on those that appear in random emails and messages. Hover over the link to make sure it is leading you where they are supposed to.
• Most phishing emails will start with “Dear Customer”; It may ask you to fill in the information but may not include your name. Be mindful when you come across these emails. When in doubt, go straight to the source (the trusted website) rather than clicking on a potentially risky link.
• Install antivirus and anti-phishing software, use high-quality firewalls, and keep them up to date. It will prevent access from malicious files getting into your computer.
• Block pop-up windows on your browser. They often pose as a genuine component of a website, but more often than not, they are phishing attempts. If one of these suckers manages to pop, close it using the small “x” in the window’s upper corner. Don’t click on the “cancel” button, as it may take you to an unsafe site.
• Never, ever give out your personal information over the Internet to an unknown recipient. Give the company a call to verify any changes in your financial records or sensitive information. Check your bank statements regularly, along with each of your online accounts, to ensure no illegal transactions or identity thefts are taking place.
When the power goes out, your smart home will no longer work. Some devices are battery-operated, but the communication to the base station or your router may go down. It could leave your home physically vulnerable if the runs out of battery.
Many companies now offer alternative means to keep their gear communicating through power outages, like cellular back-ups for their base station. It ensures that the outage does not result in an unsecured state for the devices.
Another fantastic solution is to get a backup generator or an Uninterruptible Power Source (UPS) for all your smart home devices. It will provide the energy you need during a blackout, so you can keep controlling your IoT devices and not worry about any physical security breach.
Smart homes are a genuinely futuristic experience. With smart locks that can open doors from your smartphone to blinds that go up in the morning with a simple voice command, home automation gains momentum.
But when you learn that cameras or smart speakers can be hacked, it is understandable to have doubts about converting your home into the ultimate smart home marvel. Don’t despair! There is no need to avoid all the benefits that smart home devices deliver.
The trick is to take advantage of some simple steps to help fight cybercrime. Having the right knowledge can help strengthen your vulnerabilities. It is your job to engage in some common-sense guidelines to ensure your family and home’s safety.
Simple things like creating a complex password or avoiding public Wi-Fi can significantly impact your path to better security. Make sure you are updating your equipment and its software regularly. It helps to maintain the safety of your whole system from known vulnerabilities.
While no single action can entirely prevent your smart devices from being hacked, you can significantly reduce the risks. You should consider all the suggestions outlined above to protect your home and business, bringing your own security to the next level with only a few simple steps.
Utilizing these cybersecurity practices can mean the difference between a cybercriminal hacking into your smart appliances and a secure home ready for any attack!