Securing Your Increasingly Smart Home

The following was published in the December 8, 2019 editions of Foster's and Seacoast Sunday.

This holiday season, a lot of smart home devices will be given as gifts. If you get a Wi-Fi indoor or outdoor camera, a video doorbell, a smart speaker with Amazon Alexa or Google Assistant, a smart lock, smart lighting or one of the myriad other devices, you may be introducing a huge security hole to your home.

Many of these devices have been hacked in the past and depending which one you get, you may have vulnerabilities right out of the box. Name brands are your best bet, like Amazon, Google, Nest, Ring and the like. These companies have been in this space the longest and have taken steps to secure their devices, though more can always be done. Be leery of off-brands, names you haven’t heard of or don’t have a lot of reviews if you search them online. While these devices may be less expensive, that savings may come with unacceptable risk. There have been cases of smart home devices with hard coded usernames and passwords that have been leaked and taken advantage of by hackers.

Imagine a hacker getting in to your smart thermostat and seeing the temperature has been held at 58 degrees for the past several days. Hmm, looks like someone is away and the house is a good target for a thief. It’s happened.

Let’s talk about ways you can secure your home network, so you can enjoy these smart devices without making yourself or your home more vulnerability to cyber attack or worse.

First, be sure you are using a robust and secure Wi-Fi router. While most ISPs will provide you with a wireless router as part of your service (for a monthly fee) these are not the most secure devices. If you are at all technically proficient, I recommend purchasing your own cable modem, firewall and wireless access points. If you are not technically proficient, be sure whatever wireless router you use has the capability to have at least two wireless networks and uses the latest wireless security like WPA2. You will want to change the name of the wireless router and the wireless networks to something unique. I recommend not naming them anything that is easily associated to you or your home. Pick random names only you know. Next, change the administrative username and password. Change them to something unique and be sure the password is complex. Wherever possible, enable two-factor authentication.

When it comes to the smart devices themselves, follow a similar strategy. Change the name of the device to something unique so anyone scanning the airwaves near your home will not be easily able to determine what types of smart devices you have online. Change the username and password, using the same strategy recommended for the router. Check the advanced options for the device and if it has services running that you are not using, turn them off. The less the device is doing, the lower the attack surface for the hacker to target.

One of the things that makes smart home devices very popular is that they typically connect wirelessly, making them very easy to install and get online. I like to see these devices on their own Wi-Fi network, separate from the one you put your computers on, so they are isolated on their own network segment and less vulnerable to attack. Ideally, you want a wireless router that will support a minimum of three wireless networks. That way, you can have one for your trusted computers, one for these smart home devices and one for guests. You should never allow visitors to your home to be on the same wireless network as your computers.

These are just a few recommendations to help keep your smart home network safe. Getting these devices is great and they absolutely introduce a lot of convenience to the home. Just be sure you do so safely. You’ll be glad you took the extra time to do so.