4 Common-Sense Steps to Defend a Home’s Connected Devices from Hackers
By Andrej Kovačević
Share this on:
In a world where internet connectivity’s coming to countless new devices daily, security concerns are mounting. Here’s how to keep your digital home secure.
In the modern home, connected devices are multiplying. It started with computers, smartphones, and tablets. Then came the rise of smart TVs and connected media players. Lately, it’s been digital assistants and other smart home IoT devices. It’s gotten to the point that, according to research from Deloitte, the average American home now boasts 11 connected devices – and that number is climbing every day.
As you might expect, the proliferation of connected devices is unleashing a wave of new cyber threats. Some of it is due to the general lack of security standards in the latest generation of IoT products, which has led to some disturbing vulnerabilities in widely-used hardware. Then there’s also the fact that many of the companies behind popular smart speakers and other consumer devices seem to view them as an opportunity for nearly unlimited data collection.
In that environment, home users have been left to fend for themselves to protect their data – and their privacy – from outsiders. Yet there’s a distinct lack of common-sense advice for the average non-technical user to follow to stay safe. To help, here are four simple steps the average homeowner can take to improve their home’s digital security and privacy posture.
Start at the Perimeter
In a home network, it’s common to find a cable modem or other ISP-provided device serving as the main internet access point for the home. Like all other connected devices, they’re prone to security vulnerabilities, and users are at the mercy of their ISP to spot and patch them before any damage gets done. As you might imagine, counting on that is not a sane security strategy.
So, the first thing home users should do is purchase a reputable home router and place it between their devices and the ISP modem for an extra measure of protection. It’s a simple upgrade that can both enhance a home’s security posture and provide even better internet performance than the ISP device had provided.
When doing this, it’s a good idea to choose a router with built-in firewall functionality. That will allow for more fine-grain control over what’s allowed into and out of the home network. It also provides greater visibility into what the home’s connected devices are doing at any given time. That makes it possible to spot suspicious network activity and halt it before it’s too late.
Inventory Device Firmwares
Having a solid router in place provides a decent shield against external attacks on a home’s devices, but it’s by no means foolproof. That’s why the next step is to take an inventory of all of the home’s devices to gather information about how (or whether) it’s possible to update their internal firmware and software. That means making a list that contains the following information for all connected devices (wherever possible):
Current software/firmware version
Manual upgrade instructions
Vendor update website addresses
Cadence of software maintenance releases (if available)
With everything written down, you can then create a schedule to check for updates on every device regularly. Doing this keeps the number of vulnerable devices in the home lower, and reduces the attack surface that hackers might try to use to get inside the network.
Switch on Privacy Settings
The next thing to do is to check into the online accounts associated with your connected devices to find out what privacy settings are available and to make sure they’re set appropriately. This is something that may have not existed at the time of the initial product launches for a variety of devices. In response to the growing privacy backlash against unseemly data collection practices, though, most major vendors have added them to their platforms. It’s up to you to make use of them, however.
A good place to start is to take advantage of the ability to opt-out of things like voice recording collection. It’s something that more and more devices do, often without owners even realizing it’s happening. Even though the vendors insist that it’s done to improve the reliability of their products, there’s no real reason that they need to use recordings of private conversations to do it. On top of that, it’s also a good idea to take advantage of as many data-limiting options as your various devices allow. The less data being collected, the less risk.
Turn on 2FA in as Many Places as Possible
The simple reality is, no matter how well you defend your home’s network, the devices inside it will continue to connect to the internet and transmit data. It’s essential to how most of them function. For that reason, the last simple step to take is to act to secure the online accounts associated with your connected devices. The best way to do that, wherever available, is to enable two-factor authentication (2FA). Today, a growing number of online sites and services allow you to do this, in recognition that it’s the best way to keep unauthorized users away from your personal data.
For most modern connected devices, you can enable 2FA using SMS messaging on a cell phone for verification purposes. In many cases, you can even use an authenticator app that generates single-use codes for every login on compatible sites. Doing this is much more effective than any password could ever be because an attacker would need physical access to your mobile device to get into any of your accounts. Plus, it takes the onus off of users to continually rotate passwords, which has long been an Achilles heel of online security.
Connect with Confidence
Although there’s no such thing as a perfect defense where connected devices are concerned, these four common-sense security steps should put a stop to the vast majority of threats most people face. Of course, the key with all of them is vigilance. It’s not enough to just set-it-and-forget-it. It’s critical to keep to a regular schedule that includes checking and upgrading device software and firmware, revisiting security and privacy settings to see what’s been added, removed, or changed, and upgrading hardware when it’s outdated.
And now’s a great time to get started doing it. As we head further into the connected future, with IoT growing by leaps and bounds and 5G networks set to drive an explosion of always-on connectivity, the threats we face now are going to seem like child’s play soon. So those who get used to putting the right care and effort into staying safe now should be well-positioned later. And for those that don’t listen, well, you can’t say you weren’t warned.
Andrej is a digital marketing expert, editor at TechLoot, and a contributing writer for a variety of other technology-focused online publications. He has covered the intersection of marketing and technology for several years and is pursuing an ongoing mission to share his expertise with business leaders and marketing professionals everywhere.