Personal Cyber Security Threats

Keep your home secure on the Internet of Things (IoT)

Keep your home secure on the Internet of Things (IoT)

The Internet of Things (IoT) is enriching our lives with automation conveniences by eliminating simple tasks such as adjusting the thermostat and turning off the lights.  As these creature comforts bring a new digital zen to our lives they introduce a risk that most who use these gadgets are not prepared for.  

Using analog devices (devices not connected to a computer network) is the only foolproof way to stay secure in the IoT world.  Anything that you connect to a computer network becomes a potential security risk.  This strategy of living “off the grid,” works well if you are really paranoid or not interested in digital features.  For those of us craving the latest technology, living securely “on the grid,” is a more practical solution.  

The old dishwasher without a Wi-Fi connection works great, but why live with just that when the new model tells your phone the dishes are clean and automatically orders more dishwasher soap from Amazon.  Taking advantage of these new IoT features and staying relatively secure is possible with these recommendations.  

When selecting an IoT enabled product, chose a vendor with a strong track of dedication to cyber security.   Take a look at the vendor’s website that produces the IoT device before you purchase it and ask several critical questions.

  • Do they address cyber security or product security on their website?
  • Do they have track record of software updates to address potential vulnerabilities?
  • Does the device have any industry security certifications?
  • Do they have an emergency response process and team that quickly responds to any potential security vulnerabilities?  

Don’t see anything on their website?  Give the vendor a call and see if they can address your security questions over the phone.  If you are finding the manufacturer is in the dark about cyber security, you probably should consider a different vendor.  Stay away from product manufacturers that are not addressing cyber security head on. 

An additional resource to examine is the US National Vulnerability Database, this database lists products and publicly known security vulnerabilities for those products.  Being listed in the database is not an indicator that a product is not secure, having a patch to the listed vulnerability is what matters.  Perform a keyword search of the database the product name or manufacturer you are considering.  If you find a vulnerability for your product, verify the references in the listing point to a patch for the security issue.

Once you have purchased a product ensure you set it up properly.  First, make sure the home network hosting your IoT device is secure.  You should consider the following before connecting the new IoT product to your home network. 

  • Use a hardwired Ethernet connection if possible rather than Wi-Fi
  • Implement strong Wi-Fi encryption, called WPA2 encryption on your wireless router
  • Create a strong Wi-Fi password for your WPA2 wireless network
  • Ensure the administrator console of your router is not accessible via the Internet
  • Update your Wi-Fi router with the latest software updates
  • Turn on router log-in email notifications, if your router has this option
  • Create a separate and segmented SSID for your IoT devices, if your router has this option
  • Block traffic from crossing between your IoT device SSID and other SSIDs, if your router has this option

The next step is to setup and configure your new IoT device to take advantage of its security features. The security features of every device will vary but these are typical security hygiene features we recommend that you setup on your IoT device.  

  • Download the latest software security updates for your new IoT device
  • Configure the device to automatically update when new updates become available
  • Enable Two Factor Authentication for your log-in credentials, if your product has this feature 
  • Create a strong password for logging-in to your device
  • Turn on log-in email notifications, if your device has this feature
  • Enable logging on your IoT device, if your device has this feature

To further advance the protection of your IoT product, we recommend using a next generation firewall to protect your home network. We stress this to our customers as it provides an additional line of defense and assists in identifying anyone trying to compromise your IoT devices. This is especially important if you have a higher risk profile.  Consult a cyber security or IT professional to have one implemented.

Make your house a smart home but do it securely and enjoy the automatically adjusting thermostats, lights, locks, appliances, TVs and devices that are yet to be invented.  Start exploring the world of IoT today knowing that you have taken the right steps to stay secure.

About Private Client Cyber Security

Former U.S. defense industry cybersecurity executives founded PCCS after struggling to convince large cybersecurity companies to address the cyber risks of public persons and small sized business. 

PCCS provides enterprise-grade cybersecurity consulting and services to professional practices, executives, athletes, and high net worth families.

We strive to provide a personal, professional and a next-generation technology level of cyber protection to our clients. 


Latest Cyber Threat Blogs

Twitter @PCCyberSecurity