8 ways to improve security on smart home devices

Credit to Author: Kayla Matthews| Date: Wed, 07 Aug 2019 15:00:00 +0000

Every so often, a news story breaks that hackers have made their way into a smart home device and stolen personal data. Or that vulnerabilities in smart tech have been discovered that allow their producers (or other cybercriminals) to spy on customers. We’ve seen it play out over and over with smart home assistants and other Internet of Things (IoT) devices, yet sales numbers for these items continue to climb.

Let’s face it: No matter how often we warn about the security concerns with smart home devices, they do make life more convenient—or at the very least, are a lot of fun to play with. It’s pretty clear this technology isn’t going away. So how can those who’ve embraced smart home technology do so while staying as secure as possible?

Here are eight easy ways to tighten up security on smart home devices so that users are as protected as possible while using the new technologies they love.

1. Switch up your passwords

Most smart home devices ship with default passwords. Some companies require that you change the default password before integrating the technology into your home—but not all. The first thing users can do to ensure hackers can’t brute force their way into their smart home device is change up the password, and make it something that is unique to that device. Once a hacker finds out one password, they’ll try to use it on every other account.

A few ways you can do to create less hackable passwords are:

  • Making them longer than eight characters
  • Creating passwords that are unrelated to pets, kids, birthdays, or other obvious combinations
  • Using a password manager so you don’t have to remember 27 different passwords
  • Using a password generator to create random combinations

2. Enable two-step authentication

Many online sites and smart devices are now allowing users to opt into two-step authentication, which is a two-step process for verifying information before allowing someone access to your account.

If you use a Chromecast or any other Google device, you can turn on this verification and receive email alerts. While you may be the only person to try logging into your account, it helps to know you’ll be notified if someone does try to hack in and get your information.

3. Disable unused features

Smart home tech, like the Amazon Echo or Google Nest, have made headlines for invasively recording users without their knowledge or shipping with unknown features, such as a microphone, that are later enabled. This makes trusting those devices implicitly a bit of a hazard.

While your voice assistant won’t be recording you all the time, it can be triggered by words used in a conversation between two people. Check your home assistant’s logs and delete your voice recordings if you find any you don’t approve of.

You can always turn off the voice control features on these devices. While their purpose is to respond to vocal commands, they can also be accessed through an app, remotely, or through a website instead.

4. Upgrade your devices

When was the last time you purchased smart tech for your home? If it was long enough ago that software updates are no longer compatible with the operating system, it might be time to upgrade.

Upgraded tech will always have new features, fewer malfunctions of previously cutting-edge but now standard innovations, plus more advanced ways to secure the device that may not be available on earlier models.

Another benefit of upgrading is that there are far more players on the market today than there were just a couple years ago. For example, many people use smart plugs to control their electricity usage, but not every brand considers security a top priority. Keep an eye on those that have received positive reviews by tech and science businesses. They’ll have fewer security issues than older models.

5. Check for software updates

Don’t worry if you don’t have the money for a big smart home upgrade right now. Many times, keeping software updated will do the trick—especially because security issues are most often fixed in periodic software updates, and not necessarily addressed in brand-new releases. Each new version of software released includes not only new functionality, but fixes to bugs and security patches.

These patches work to plug any known vulnerabilities in the smart device that allow for hackers to drop malware or steal valuable data. To make sure your device’s software is always updated, go into your settings to make sure to select automatic software updates. If that’s not possible, set reminders to check for updates yourself at least once per month.

6. Use a VPN

If you have concerns about the security of your ISP’s Wi-Fi network, you might consider using a VPN. A virtual private network (VPN) creates a closed system from any Internet connection, including public ones where you’re most at risk.

A VPN keeps your Internet protocol (IP) address from being discovered. This prevents hackers from knowing your location and also makes your Internet activity untraceable.

Perhaps the most important benefit of using a VPN is that it creates secured, encrypted connections. No matter where you access Wi-Fi—say if you wanted to turn on the air-conditioning at home from the airport—a VPN keeps that traffic secure.

7. Monitor your data

Are your devices sending you reports on energy usage or the top songs you played at home this month? Are you storing or backing up smart home data on the cloud? If not, where does that data go and how is it secured?

Smart home devices may not have easy instructions for determining whether data produced from their usage is stored on the cloud or on private, corporate-facing servers. Rest assured that, whether it’s visible or not, smart device companies are collecting data, whether to improve their marketing efforts or simply to show their own value.

So how can users monitor how their data is collected, stored, and transmitted? Some devices may allow you to back up info to the cloud in settings. If so, you should create strong passwords with two-factor authentication in order to access that data and protect it from hackers. If not, you might need to dig through a device’s EULA or even contact the company to find out how they store the data at rest and at transit, and whether that data is encrypted to ensure anonymity.

If you’d prefer not to let your smart tech back up information to the cloud, you can often manually turn this off in settings. The question still remains: What happens to your data if it’s not in the cloud? That’s where poking around the company’s website or calling them to learn how personal information is stored can hopefully calm your fears.

8. Limit smart home device usage

The only way to guarantee your privacy and security at home is to avoid using devices that connect to the Internet—including your phone. Obviously, in today’s world, that’s a difficult task. Therefore, the second-best option is to consider which devices are absolutely necessary for work, pleasure, and convenience, and slim down the list of smart-enabled devices.

Perhaps it makes sense for an energy-conscious person to use a Nest device to regulate temperatures, but do they need Internet-connected smoke detectors? Maybe some folks couldn’t live without streaming, but could get by using a tradition key over a smart lock.

There’s no such thing as 100 percent protection from cybercrime—even if you don’t use the Internet. So if you want to embrace the wonders of smart home technology, be sure you’re smart about how and when you use it.

The post 8 ways to improve security on smart home devices appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/