The Internet of Things is pretty incredible. We’ve got refrigerators that automatically order more produce when they run out. Voice-activated, color-changing lighting. Thermostats that let us control everything about our home with a few taps on our phone.
The level of convenience offered by IoT is unprecedented – but so is the security risk they represent. You need to approach connected endpoints in both your personal and professional lives with that understanding. Because if you don’t, you’re putting your data (and probably your business’s data) at risk.
To start with, here are a few steps for securing IoT within your own household.
Practice Basic Security Hygiene
It really shouldn’t bear mentioning here, but the first and most important step is to treat your IoT devices just like any other secure endpoint. That is to say, you should take the basic measures required to keep any device secure. These include:
- Where relevant, changing the default login credentials for each device and ensuring each one has a strong, unique password. Write your passwords down, remember them through mnemonics, or use a password manager – whatever it takes to keep track of everything.
- Always make sure you have the latest firmware installed. Most IoT devices now come with a companion mobile app, but for those that don’t, you can always check the manufacturer’s website. When new software releases, install it immediately.
Put Them On A Guest Network
Most home routers now have the capacity to broadcast more than one wireless network – many even have the ability to create a guest network for devices you don’t necessarily trust. I would highly recommend putting all IoT devices in your home on this network. That way, even if someone does break through the flimsy security of your connected fridge or coffee machine, they won’t be able to gain access to anything critical.
Most IoT devices come bundled with a rather dangerous extra feature called Universal Plug and Play (UPnP). The feature itself is pretty much exactly what it sounds like. When you activate an IoT device on a UPnP-enabled router, the router will automatically open the necessary ports for that device to function.
Basically, it exists to make configuring new endpoints more painless.
Where the problem arises is that there are actually several serious vulnerabilities in UPnP which, if exploited, could allow a hacker to take remote control of a range of different connected devices. Better to disable it and accept a bit of added inconvenience.
Keep Your Endpoints Secure and Your Data Safe
The Internet of Things represents an unprecedented step forward in convenience. But it’s a step we need to take with caution. We need to be aware of the security risk IoT represents – because it’s very, very real.