I’m interested in adding smart devices to my home but have heard horror stories about security. What should I know before I get started?
This question was answered on March 22, 2017. Much of the information contained herein may have changed since posting.
Smart or connected devices such as doorbell cameras, thermostats and home security webcams are growing in popularity, with estimates that over 24 billion internet-connected devices will be installed by 2020.
If you plan on installing these devices in your home or business, understanding the security issues is pretty important.
IoT - The Internet of Things
Often referred to as the ‘Internet of Things’, these everyday items generally incorporate Internet connections to allow for remote access, monitoring and control.
Getting alerts on your smartphone whenever a webcam detects motion or when someone rings your doorbell as well as having finite control over your thermostat and lighting from just about anywhere has tremendous appeal.
As someone who loves to travel, I personally love the added benefits as they provide pinpoint control as long as you have an Internet connection.
Access is Access
The thing to keep in mind is that if you can access your devices from outside your home, technically, so can anyone else.
The Internet is one huge global network of devices all connected to each other, so you can be next door or on the other side of the ocean and have the same access.
The primary thing keeping unauthorized users from accessing anything you install on your network is whatever security has been setup by that device.
The Default Password Problem
Usernames and passwords are the primary line of defense you have against unauthorized access and making sure they are secure is always your first task.
There have been lots of stories over the years, especially when it comes to web cameras, showing how many of them are completely open to the world because the user didn’t change the default username and/or password.
If you've already installed smart devices on your network and want to see if they are publicly accessible via websites like Shodan, checkout BullGuard's IoT Scanner: https://goo.gl/HbmIuz
Using any Internet connected device with the default administrative password will make you a sitting duck as every default password for just about every device ever made is readily available online at sites like: https://cirt.net/passwords
Don’t Be Afraid
Lots of Internet security experts have written about the ‘security as an afterthought’ approach that the industry has taken, and rightly so.
Security should never be taken lightly by anyone using anything connected to the Internet, but it can also be overhyped or agenda driven.
No different then driving a car that could potentially kill you every day, empowering yourself with knowledge is the key.
If You Don’t Understand It, Get Help
Nothing is 100% ‘hacker-proof’, especially if a malicious party is motivated, but unless you’re a celebrity or a politician, you’re much more likely to become a victim from a ‘random act of hacking’.
This means you made it really easy for an outsider to take advantage of you because you skipped simple security measures like updates and patches that can appear too complex for non-technical users.
For the average user, the convenience benefits far outweigh the risks when it comes to most IoT devices, so don’t let the ‘horror stories’ keep you from educating yourself and using them.
About the author
Posted by Ken Colburn of Data Doctors on March 22, 2017