How to keep your smart home secure
Our friends over at Reviews.com have recently created a guide to keeping your smart home secure as many people are unaware of how hackers can compromise the security of their home internet. To support those who use smart devices, the guide explains how technology is commonly hacked, steps to take after, and tips on keeping home networks secure.
Chances are, you’ve seen some hair-raising news stories over the past few years about hackers gaining access to smart home devices, using baby monitors and security cameras to spy on users and sometimes even communicate with them. Nest has drawn the most headlines for these types of stories, but that’s mostly because it’s the most popular manufacturer out there. Competitors like SimpliSafe and Ring certainly haven’t been immune, either.
Research suggests that these aren’t just sensationalist news stories. According to a 2017 Norton report on cyber security, 7% of consumers have had someone gain unauthorized access to a smart home device, with another 13% knowing someone who has.
The good news is that reputable companies are constantly updating their security measures, so as long as you follow some simple precautions, you should feel perfectly comfortable using your smart home devices.
How to Protect Yourself
The best way to get hackers out of your home is to never let them in in the first place. As Lesser put it to us, “An ounce of protection is better than a pound of cure.” Here are some best practices for using connected devices in your home.
Stick to established brands…
It’s best to stick to names you recognize when it comes to smart devices. Companies that have been in the market for longer have reputations to uphold and have likely gone through several rounds of software updates to fix bugs and improve security.
While companies like Nest and Nokia aren’t invulnerable to hacks, you can be confident that they’ll move quickly if a flaw is exposed. These companies also have thorough security measures like two-factor authentication that eliminate the most common points of access. To see the products we feel confident in, check out our reviews of home security systems, home security cameras, and smart hubs.
Update the device’s software…
Every expert we spoke with emphasized regular software updates as the best way to keep your devices secure. “What the hackers are doing is scanning the internet and finding out which versions of software are running with the device. When they find a device that’s running an old version, they don’t need to be much smarter or develop any attacks. They just use well-available tools to use this vulnerability to access this device,” Ashkenazi says. In other words, when a device is running an old version of software, hackers have ready-made strategies for getting into them. “The best way to fight today in security is to just patch it fairly quickly before the hackers have managed to do something.”
When you purchase a smart device from a well-established brand, it should periodically provide software updates to address security issues. Many products, like Nest, update their software automatically, although you might have to enable this option. With other companies, it’s up to you to regularly check for and install updates. In some cases, that means plugging the device into a computer.
Use a unique password…
Because most “hacks” occur simply by logging in with factory-set passwords, or ones compromised from other sites, it’s important to make sure that your passwords on connected devices are unique. Some password best practices include:
Using long passwords
Using random strings of characters
Spacing out special characters
There are also a number of free password managers out there if you only want to remember one.
In addition, we recommend using an extension like Password Checkup by Google. When you sign in to an account, this will automatically check to see if your credentials were exposed by any data breaches.
Enable two-factor authentication…
If your smart device offers two-factor authentication, take advantage of it. This means when you log in from a new device, you’ll be sent a unique code to your phone via text or voice call to confirm your identity.
Companies like Nest and ADT have made two-factor authentication a priority for their connected devices, as it essentially eliminates the low-hanging fruit for most hackers. In response to one recent hack that garnered a lot of publicity, Nest released a statement saying, “These recent reports are based on customers using compromised passwords (exposed through breaches on other websites). In nearly all cases, two-factor verification eliminates this type of the security risk.”
Make sure your network is secure…
Strong cybersecurity starts with your router. If you’re using an older router that doesn’t support WPA2 (WiFi Protected Access 2) security encryption, it’s time to get a new one. WPA2 has been used on all WiFi hardware since 2006 and is continuously updated with the latest security, authentication, and encryption protections.
All of our top picks for wireless routers are WPA2-equipped, so we recommend starting there. Once you have a router you’re comfortable with, make sure the firewall is enabled. You should be able to find instructions for this in the router manual; if you can’t, Lifewire has a great walkthrough of the process. Finally, remember to change the the default log-in credentials on your router as soon as you start using it.
Most of the experts we spoke with also recommended setting up a second WiFi network for your smart devices. “You should plug home automation devices into a network that’s isolated from the network you use for computers, tablets, and phones,” Lesser says. This keeps traffic separate from your general browsing activity, which is more likely to contain sensitive information like banking passwords. Because smart home devices tend to be more vulnerable than PCs or smartphones, this adds an extra layer of security. Some routers are able to set up multiple networks — this guide from Lifewire walks you through the process — but in most cases you’ll need to purchase a second router.
Use an identity theft protection service…
In reality, there’s no panacea for securing your information short of staying offline entirely. If you want even more peace of mind, consider an identity theft protection service. For around $20 per month, these services monitor your credit and personal information and alert you to any suspicious activity. They can also exercise power of attorney to help you efficiently restore your identity in the event that it’s stolen.
What to Do If Your System Has Been Hacked
If you suspect that your device has been hacked, there are a few things you should do immediately. First, disconnect it from the network. “As long as it is connected, it is helping the criminals,” Beheshti says.
From there, check to see if there are any software updates available online. If there are, installing them could potentially resolve the issue. Searching Google for news stories about a hack on your brand can also tip you off to potential problems.
If there aren’t any software updates, try changing the passwords or performing factory resets on both the device and WiFi network. Unfortunately, if none of these steps work, the problem may be with the manufacturer itself, in which case you aren’t left with many options but to wait for a software update.
As scary as this stuff sounds, there’s no need to swear off smart homes; you should still feel comfortable using smart devices as long as you follow some best practices. Ashkenazi put it to us like this: “Some security researchers that will tell you, ‘Don’t use anything.’ But I don’t believe that. Because a lot of these connected devices do make our lives easier. You just have to find the balance.”
You can find the whole guide from Reviews.com here.