As more and more devices come online, the threat landscape to home and business networks continues to increase. Do you have Alexa in your house? A streaming media stick connected to your TV? Smart switches or other connected devices? If you do, your network is more exposed than ever.
Recently, it was discovered that Nest cameras could be hacked into relatively easily. In
Google, responded and addressed the security concern related to this incident and is taking steps to ensure all of its smart devices are properly secured.
I wrote about this specific issue a month ago, on April 28 in a column titled “Be sure to secure your home devices,” which you can search for at www.seacoastonline.com. In fact, if you have any Nest devices, you will have been prompted to enable two-factor authentication, another security topic I write about often and you should do this, if you have not already.
You may be familiar with the term Internet of Things, or IoT. This is a catchall phrase that encompasses all types of connected devices. Any smarthome device is considered an IoT device. Streaming media devices, smart speakers, the list goes on and grows every day. Because these devices are growing at a blistering pace, more and more homes and businesses have “smart” devices on their networks.
The problem this presents is that these devices are not always as secure as they should be. Some of this is a result of the technology employed in the device. In other cases, hackers may be targeting the devices because they represent a very large attack surface to exploit. There have been numerous cases of IoT devices being used to orchestrate a targeted attack on some element of the internet.
This is a real concern when it comes to your home and business networks as it represents a risk factor that is not easy to inventory and control. At present, one of the best strategies to minimize this risk is to use a VLAN to segregate the IoT devices on your network. Especially for homes where one of more of the occupants works from home, you should consider your network just like a business network. You should not introduce any devices to your primary network that could present a security risk. You should put those devices on a separated network, so the attack surface is limited to just that part of the network and not the entire network, including work devices.
VLAN technology may be confusing for those who are not IT professionals. Where most of these IoT devices connect wirelessly, you want to be sure you have current, updated and robust wireless hardware that will allow you to create separate networks. Simply put, if you can create a guest or DMZ wireless network, you want to place your IoT devices on one of these. The best option would be the DMZ, which is the same acronym for demilitarized zone. Think of it exactly as that. It’s an isolated area of the network not allowed to touch any other part of the network. This is where to place your IoT devices. If your wireless hardware does not support a DMZ but does support a guest network, place them there.
While not absolutely foolproof, placing your IoT devices in a guest or DMZ network will minimize the risk. Should one of your smart IoT devices be compromised, at least the hackers will not be able to access your primary WiFi network and any important data that you have on it.