Man is not an island, and as such we seek to interact more and more with each other. This has led to a level of intercommunication through the internet that hasn’t been seen before. According to ABI Research, there will be over 30 billion devices connected on the Internet by 2020. Today, our everyday devices are connected to the world including laptops, mobile phones, fitness trackers, smart televisions, home security systems, thermostats, and refrigerators. Furthermore, it’s important to note the devices that connect everything else together, such as routers, access points, and modems.
Many people may not consider their connected devices to be a security threat, but that is not absolutely true. One of the issues with such devices is that many of them do not come configured with security in mind. This makes it very easy to connect an unsecure device to your network thereby giving attackers access to your personal information.
Manufacturers develop products to be more accessible, more user friendly, and to make our lives more integrated. Nevertheless, that also means we are less secure if these devices are not properly configured. Unfortunately, some devices completely lack the option or ability to configure them, making it nearly impossible to secure them. Unsecure devices also give malicious users the means to propagate their attacks onto others by using your insecure devices to attack other networks and devices.
Therefore, not only can your unsecure devices present a risk to you, but they can also become a risk to others who can be victims of an attack from your compromised devices. Think of this in a normal working environment with such devices on company networks.
How to secure your devices
You should do background research before purchasing a connected device, especially a device that may allow someone access into your home, such as a surveillance camera or home security system. This can be easily done by reading online reviews and looking at the company’s website to determine if there are warnings about the security of the device and if the company issues updates/patches to fix security concerns.
Upon purchase, check the default settings and choose the more secure options, such as enabling a password or changing the default password to something only you know.
Below is a list of these basic recommendations and some effective ones that may be less obvious choices.
- Network access or Internet access may be enabled on a device by default. Disable network/Internet access for devices that do not need it. This especially applies to gadgets that may be forgotten online for example smart devices like TVs and fridges.
- Update the device operating system or firmware. Companies often release software updates that patch up recently discovered vulnerabilities. In addition, turn on automatic updates.
- Wireless access points (routers) are oftentimes configured to broadcast the SSID, or network name, consider changing these settings to turn this feature off, which can better secure your Wi-Fi network.
- Wi-fi segmentation. Create two different Wi-Fi networks on your wireless router, if your router supports it. These networks should use different SSIDs and so allow for the ability to separate smart devices from other networked computers, smart phones and tablets. The goal of the separation is to limit the impact a compromised smart home device will have on the rest of the devices on the network.
- Change passwords on all network devices, especially from default “admin” accounts, and be sure to use strong passwords of at least 8 characters including uppercase and lowercase letters, special characters, and numbers.
- Many mobile devices support remotely wiping the device if the device is lost or stolen. Be sure to enable the remote wipe functionality in case the device is ever lost or stolen.
- Turn off location services if not needed.
- Cameras and audio input may be enabled by default on certain devices and applications, giving an attacker access to surveillance. Disable these features if not needed.