The “Internet Of Things” is a catch-all term that describes the use of smart devices. We are seeing more and more of these things available and that is not surprising. These devices can automate many essential tasks in the home, which means that they have the potential to make your life easier. At the same time, there is a certain amount of risk that comes with their use. The same technology that makes an IoT device useful to you can also be hijacked by cyber-criminals. Here are a few tips that will help you to avoid such problems.
Look For Devices With Built-In Security
Although you can harden the security of most IoT devices, it’s far better to start with something that already has some basic security measures. This will give you a higher baseline from which to improve. A lot of IoT manufacturers are advertising their devices as “secure,” but advertising can often be misleading.
For a little bit of guidance, we can refer to some legislation from the British Government. The U.S. is still catching up in this department although rapid progress is being made. British law mandates that IoT devices meet three key requirements:
- 1. Must have a unique password that cannot be reset to a universal factory password
- 2. Makers of IoT devices must provide a way for customers to report problems in a timely manner
- 3. Makers of IoT Devices must tell their customers how often the security will be updated
These requirements are a good start, but they don’t go far enough. We hope that the work of the National Institute of Standards and Technology (NIST) will do a little better. A law passed earlier this year mandates that they must set the standards for IoT security. Here is a look at what they have so far.
Investigate The Company Thoroughly
Here is one problem with device security that people often overlook: A connected device can only be as secure as the company from which it came. You see, it is possible for manufacturers to put all kinds of back-door access points into their products. Most of them don’t do this, but it’s still something to watch. In most cases, this is done not for purposes of fraud. More often, companies do this so that they can sell your data to advertisers for market research purposes.
It’s a good idea to make sure that the company has been in business for at least a couple of years. It’s also a good idea to check reviews and testimonials so that you can get a general picture of how satisfied their customers are. Most importantly, you will want to check and see if they have been involved in any recalls or publicly reported incidents.
Look For Something With A Secure Cloud Connection
In recent years, we have seen a number of high-profile IoT hacking incidents. Most of them have amounted to little more than trolling, but that is cause for concern in itself. Internet trolls are generally looking for low-hanging fruit that they can exploit without too much effort or risk. Their continued targeting of IoT devices shows that most of them are weak.
One of the best options around is a secure cloud connection. When your IoT device runs its connection through an encrypted cloud server, it becomes a lot harder for anyone to gain access. In fact, strong encryption can actually take years to break (unless they trick you into giving up the password, of course). An encrypted connection is one of the best security features you can have on an IoT device.
Make Use Of Firewalls
Unfortunately, the proper authorities are not acting very quickly on the implementation of IoT security standards. We could complain about this, but it’s a lot more constructive to look for proactive solutions. One measure that holds great potential is the use of firewalls.
Firewalls, in case you didn’t know, are meant to restrict the connections made between devices. They can be used to regulate both inbound and outbound traffic. We think that they are perfect for IoT devices because these devices do not have to access very much of the internet. Thus, you can block the vast majority of servers, sites, and locations. By only enabling those connections that are absolutely necessary, you can make it much harder for anyone to hijack one of those connections.
Change The Name And Password On The Router
While you are thinking about the security of your IoT devices, you need to also start thinking about the security of your home network in general. Routers are often an easy access point for intruders and there are several reasons for this fact. Many of them use default usernames and passwords, and some of them will use your real name. Although a name alone isn’t much to go on, you want to avoid giving any information to a hostile actor.
Always Use A Strong Password
A lot of cybersecurity articles advise the use of strong passwords. It might seem like tired advice at this point but it’s definitely true. There are readily available pieces of software that can break a simple password in minutes. To get an idea, use this site to test a password. If it’s in the dictionary, it can be cracked in minutes (if not seconds).
Guidelines for a strong password:
- 18-20 characters
- No common dictionary words
- Should contain letters, numbers, and at least one symbol
- Use both upper and lowercase letters
Conclusion
At PCH Technologies, we understand that cybersecurity is essential for everyone that uses the internet. Without it, there are just too many bad things that can happen. If you would like to know more about this subject (or any related question), feel free to call us at (856) 754-7500.