Smart home devices have made our lives a heck of a lot more convenient in recent years. But with that convenience comes a trade-off with security. The Internet of Things industry has exploded extremely rapidly and is now a multi-billion dollar industry. This means that people’s smart homes are now a target for everyone from hackers to run of the mill thieves. But don’t let that get you terrified and paranoid. Like anything, there are ways to minimise risk when it comes to smart home security.
You can indeed create a smart home and still be at ease with its security. Just follow our simple advice on how to secure your smart home.
Weighing the risks of smart home security
We now live in the age of the connected home. Smart home devices come in all shapes and sizes and permeate pretty much every facet of our lives. From Siri and Google Assistant on our phones to refrigerators that update via the web. Pretty much anything that plugs in nowadays is connected to the web in some way. This connected home presents some very clear risks that we need to mitigate.
Hackers do have incentives to hack into your smart home. They could literally gain access to your house or try to pull images off unsecure video cameras. There are all sorts of reasons to try to gain access to someone’s smart home setup.
Think of it like you physical house where you have a key and a lock. You need to be consistent in locking the doors and windows when you aren’t home. You also need to make sure you only share copies of your keys with trusted individuals. Smart homes are very much the same way. We need to secure any areas of weakness in the devices themselves but also be very careful about who else we share data with.
Your first line of defence: The router
By far the most obvious place to protect yourself is on your network router itself. Basically any internet traffic in your home will flow through this single gateway. So let’s make sure that it is as secure as possible. We aren’t going to go into any advanced techniques here, but will instead focus on the issues that would effect the large majority of new smart home owners.
Secure your network
It’s amazing how many people are still operating with a wide open wifi network. You’re going to want to go into the settings on your router and find the section for security. From there find the setting that deals with the security encryption protocol for your network. In there you are going to want to set it to Wi-Fi Protected Access II (WPA2). This is the strongest form of consumer level encryption that you can find. It will vary from router to router but this is the most critical step.
Upon selecting WPA2 you are also going to want to setup as secure password as possible. Remember the key analogy above? You don’t want people guessing you key do you? Create a strong, complex password which contains both capital letters, numbers and symbols. Try to make it longer than 8 characters and be sure to make it unique. Many people’s networks are hacked because they reuse passwords from other services. Your Yahoo mail gets hacked? Same password as your router? Well, kiss your smart home security goodbye. Unique passwords are key!
Our favorite smart home router right now is Google Wifi, especially for beginners. The settings on this system are so straight forward that pretty much anyone can enable everything above in 5 minutes. Find our why we think it is the best mesh wifi system on the market.
Pick a good SSID
You know the name of your wifi network? This is called an SSID. The key here is to select an SSID that is not at all easily trackable back to you. So if a thief know what you may choose as your password, at least they won’t know which SSID is actually yours. Again, this can be chosen in your router settings.
Say goodbye to guest access
Another place where router security fails in when people enable guest access. Just disable it entirely.
How to secure smart home devices
Now that your network is secure, how do you actually secure each smart home device? This is the second way hackers may gain access to your smart home. They may target an individual device like a smart home light bulb or worse yet a security camera. Here’s how to make sure these are secure.
Manage smart home gadget accounts carefully
Like the router example above passwords are key! Each service you use in your smart home will likely have some kind of online login to access settings and manage the devices themselves. For example, your Nest Cam or Amazon Cloud Cam will be accessed by your Nest and Amazon accounts. If these accounts get compromised then hackers and thieves have a way to access data from your smart home.
Again, use longer, complex passwords that are not shared across other accounts and devices. I recommend using a password manager for Last Pass if you are afraid that you may completely forget all of these different passwords.
Only give access to devices to trusted family members and friends. After all, if they are careless with their password then you are sunk.
Keep all devices updated
Security updates are crucial for smart home devices. Many devices receive security updates monthly and it is important to make sure all of your apps are updated and the firmware on your different devices is the latest one. It varies by device, but generally it is good practice to check the apps for each of your smart home devices monthly just to make sure everything is updated.
Buy reputable brands
Last year it was revealed that thousands of Chinese and Russian-made security cameras were streaming their footage to 3rd parties online. Scary stuff right? Well, the easiest way to make sure that this doesn’t happen is to buy reputable brands. If you don’t know the company and reviews are sparse online, then its probably a good idea to skip it.
Look for security features and encryption
Look for the security features on each device which includes what kind of encryption they use when transmitting data. Look for things like AES 128-bit encryption and Transport Layer Security (TLS) on smart home devices like cameras. If you can’t find it online ask the manufacturer or retailer if they know what kind of security protocols the device uses. Good encryption means that it will be next to impossible for someone else to eavesdrop on data being transmitted between your smart home and cloud servers. That is, of course, if your password is secure!
Physical security is still important
Many of our smart home devices may be in the reach of people outside our homes. Security cameras, leak sensors, sprinkler monitors, weather stations… The list goes on. If someone can get their hands on a device physically, then there is a chance that they could either gain access to your smart home network or could disable the device entirely.
For example, for outdoor security cameras, think about the way they are mounted. Are they out of reach of people who may have less than nice ambitions? Can the camera be locked to the mount using a special key like the Nest Cam IQ? Or can the camera just be pulled off of a magnetic mount like the Arlo Pro 2? These are all things to keep in mind.
It is particularly important to think of how smart home security systems will be physically secured. This includes making sure keypads can’t be completely disabled by simply unplugging them or door sensors can be thwarted easily.
Voice Assistants and smart home security
Google Home, Siri and Amazon Echo are hugely popular now. But because they use voice commands, there is a chance that someone could gain access to your data or your physical home with them. Most locks will not allow themselves to be unlocked via voice command because of the obvious danger of someone simply yelling “Alexa, unlock the door.” But this is still something to keep in mind when it comes to specific devices.
Can someone gain access to sensitive information by using your smart home assistant? Well, not really. But there was the recent incident where sensitive information from private conversations was being transmitted unknowingly to a coworker. This was a major breach, but it was mostly bad luck in that the Amazon Echo misinterpreted what the user was saying.
What’s most important is to know that voice assistants are always listening for their wake phrases like “Ok Google” and “Alexa.” We recommend taking some time every few months to actually audit what your voice assistants have recorded. On Google, you can access your Voice Recording Activity page at any time and literally hear the recordings that have come from your Google Assistant device like Google Home. And Amazon offers the same thing with their Alexa recordings.
Secure your cell phone
The largest breaches on smart homes have actually occurred to users that had malicious Android apps installed on their phones. In 2015 some users had their garage doors hacked through this method. What is important is to remember that your phone is now a major vector to hacking your home. So make sure you only install apps from trusted stores like the Apple App Store and Google Play. Anything other than these is putting you at risk.
It is also incredibly important to make sure your phone is secured with a proper code lock screen. Again, if someone gets access to your phone, then they now have access to controlling your whole smart home.
Enable two-factor authentication on everything
We went over how to make a strong password above. But sometimes this just isn’t enough. Everyone slips up at some point and reuses a password or uses something too obvious. That is why using two-factor authentication on as many accounts as possible is very important. This basically means that to access an account you will need a secondary (ever-changing) password that is generated in an authentication app. This tip is not just for smart homes either. Having two factor authentication enabled on as many accounts as you can is just plain good practice nowadays. Check out this page from Google that explains the basics of two-factor authentication.
Conclusion: How to secure your smart home
As you can see, securing your smart home is a multi-faceted process. But it doesn’t need to be daunting. A little common sense and some technical knowledge go a long way in hardening your smart home’s defences. Run through some of these tips right now and you will be much more secure when a hacker comes knocking.