In the past few years, we’ve seen an unprecedented surge in the advent and adoption of “smart” devices. In the car, at work and most importantly, in your home. Fueled by Moore’s Law being as true as ever, powerful computing chips have become smaller and consume much less power, making it trivial to employ small computers in devices that we’ve been using for years or decades and embedding “smarts” into them. There are countless reasons for giving age-old devices smart capabilities, such as:
These are just a few examples, there are infinite possibilities for providing our devices with additional intelligence where there never was before, and we’re likely to see more and more innovation in the coming years.
As great as the possibilities are with smart devices, there are also adverse effects to adopting these devices in your home. For starters, most smart devices connect to some sort of cloud-based “hub”, which is software that is responsible for pushing updates to these devices as well as collecting data from these devices. Anything that sends data to a centralized server is automatically subject to the same computer and internet related security risks that we’ve been reading about for years. You run the risk of your data being intercepted by a malicious third party, you run the risk of someone hacking into the devices and gaining access to your home network (and all other devices within it). This carries a risk of the devices being hacked and their software altered. The result is a host of unpredictable effects on your home and privacy, such as seeing what your security cameras see, hearing what your smart speakers hear or just wreaking havoc on your home’s climate!
While there’s no one size fits all solution for protecting yourself from the device-based or cloud-based attacks that are possible with smart devices, there are absolutely some steps you can take to “be smart” when dealing with this new era of smart devices.
First, it is imperative to ensure you keep the firmware on your smart devices up to date. This can be a pain as many devices out there either don’t update at all, or are very vague on how to go about it. In addition, people tend to buy these things with the assumption that they’ll “just work”, similar to a device’s non-smart counterpart. Read your documentation! If updates are expected for your device, read about how to get them and set a calendar reminder to update your devices every quarter or so. The primary reason a device is going to be updated is going to be for security or privacy concerns, so it’s well worth an investment of your time to do this.
Second, use the built-in security features that many of these devices come with. Many accompanying smartphone apps will require a thumbprint or PIN authentication before using the app, even after you’ve successfully unlocked the phone. Don’t override these features! The manufacturer helped out by taking pains to protect your security and privacy, and it’s absolutely in your best interest to take the extra 3 seconds to authenticate yourself when accessing something that has so much insight into your home and life!
Finally, take control of your devices at your own router. Doing this requires a little more technical expertise, but it is definitely not a highly advanced topic, so find someone technically savvy enough to help you if needed. If a device is, in fact, communicating with a cloud-based hub as noted above, you should know WHY. Do they really need to be connected to that hub at all? If not, you can use your home router software to block a specific device from accessing the internet at all. Often times, devices are just collecting usage statistics and will claim that they are not collecting personal info. This isn’t always the case, and accidental leaks do occur, as happened to LG televisions back in 2013. While blocking a Smart TV from the internet will hamper the TV from doing virtually anything, other devices like garage door openers, thermostats or light switches don’t really NEED to be connected if you really don’t plan to use them outside your own home network. Blocking those devices from incoming or outgoing traffic is a sure-fire way to ensure you won’t be susceptible to data breaches in a manufacturer’s cloud, or to inbound hacking directly into your network. Evaluating exactly why the device needs internet connectivity enables a logical choice on whether or not you want to allow it.
We are still in the infancy of IoT, and it’s best to take every precaution you can while the software bugs are ironed out for each device you purchase. It’s always important to remember that with the added convenience of smart devices comes the added security and privacy concerns. Take the extra steps and protect yourself, your home and your family from potential attacks, just by following a few basic guidelines!