Three crucial ways to secure your connected home
Gone are the days when the only internet-connected devices in your home were smartphones and computers. These days, everything from your telly to your thermostat can get online – and that can be a problem when it comes to security.
When we get a shiny new gadget, most of us connect it to the internet without a second thought. And even more security-conscious people can underestimate the risks: after all, what’s the worst that could happen if hackers take control of your smart kettle? A slightly tepid cup of tea?
But in truth, ‘Internet of Things’ security is a big deal.
Compromised devices – even seemingly harmless ones like the aforementioned kettle – can provide hackers with a ‘backdoor’ into the rest of your network. Unscrupulous hackers could take control your connected kit as part of a ‘botnet’, using its connection to launch attacks on other websites and services. And in some rare circumstances, your privacy could even be at risk from hacked devices featuring cameras or microphones.
These risks affect all kinds of connected gear, not just smart thermostats and other flashy gizmos. Networked printers, games consoles and smart TVs can all be vulnerable – so it’s important to stay safe.
That said, there’s no need to panic: these threats are still fairly minor for most people. But if you’ve taken a leaf out of Agent Truluck’s book and started to build a connected home of your own, here are the three most important steps you can take to protect it:
1. Change your kit’s default usernames and passwords
Some internet-connected gear – in particular things like remote cameras and video recorders – allow you to access them from anywhere via a special web page, secured with a username and password
But some less stringent manufacturers use the same default username and password for every device – and this can be a major security risk. As just one example, one well-known piece of malicious software scans the internet for any such devices and harnesses them to power an illegal botnet, simply by using the manufacturer’s default security settings.
This is probably the most common connected home threat – but it’s easily prevented.
For that reason, you should always change the default username and password of any device that connects to your home network. You can usually do this through the device’s web interface – but check the manual or contact the manufacturer if you’re unsure.
2. Keep your devices updated and patched
Sometimes, just using a secure username and password isn’t enough. Despite the best efforts of manufacturers, some devices do reach the market with bugs and vulnerabilities in their software.
Responsible manufacturers will regularly release updates, or ‘patches’, to fix the worst of these problems – but if you don’t apply the patches, you’re not protected!
Some devices, like most smart TVs, automatically check for updates, letting you know when one is ready to download and walking you through the update process. When this happens, it’s important not to delay or postpone the updates for any longer than strictly necessary: every minute you’re unpatched is a minute you’re unsafe.
But some devices require you to manually check for updates and install them yourself. Admittedly, this is a major inconvenience – but it’s worth setting a monthly reminder in your favourite calendar app, reminding you to check.
The exact process for finding and installing updates should be in the product manual – but as always, contact the manufacturer if you’re unsure. Updating your devices manually is a chore, but the peace of mind you’ll gain is worth it.
3. Protect your Wi-Fi network
While it’s important to make sure your connected home devices are up to date and well protected, it’s also crucial to ensure your wireless router itself is defended.
After all, your router is the very heart of your connected home. And whether you’re using additional smart devices or not, it’s crucial to keep it safe and secure.
First and foremost, if your wireless router has a web page you can use to view and change its ‘administrator’ settings, you should change its default username and password – just as you should with other IoT kit, and for the same reasons.
Next, make sure you choose the strongest type of password protection for your wireless network itself. Most routers will let you choose between ‘WPA’, ‘WPA2’ and ‘WEP’. Of these, WPA2 is by far the safest choice – so if your network’s using anything else, change it right away.
Some routers also offer something called ‘WPS’, which lets you add new devices to your network by pushing a button. This is convenient, but it’s also vulnerable to attack – so it’s best to disable it from your router’s settings unless you really need to use it.
Once your passwords and accounts are properly set up, it’s time to consider a firewall – a piece of software which protects your network from unauthorised probes and access attempts. Many routers come with one built in, which you should be able to activate from the router’s settings.
Finally, for the extremely security conscious, you might consider ‘whitelisting’ your devices. This means only allowing certain pre-approved devices to connect to your network – your computers, smartphones, connected home devices and so on.
To do this, you’ll need to know the unique ‘MAC address’ of each device and set it up manually in the router – as ever, check the manual or contact the manufacturer to find out how. This might take you a little while to sort out, but it’s a great way to make sure you know exactly who has access to your network.
With these pieces in place, your connected home should be well protected – but if you’ve got any questions, drop us a line in the comments below and our Agents will do their best to help! And for more great articles straight to your inbox each month, get your name down below for the Geek Squad newsletter!