How to secure your IoT devices

Stop. Before you read what I have to say here about how to secure your Internet of Things (IoT) devices I want you to read about how a casino’s high-roller database fell into the hands of hackers via a thermometer. Yeah, a thermometer.

Internet of Things (IoT) devices are just as much of a security risk as an unlocked front door. Sure, they offer tons of convenience for busy people and can do some pretty cool stuff. However, they’re easy to hack in the way that an ordinary door lock is easy to pick if you know what you’re doing.  If you wouldn’t feel comfortable leaving on vacation with your front door wide open you should probably think about securing your IoT devices. Here are a few things you can do:

Create a new network just for your IoT devices

Most WiFi routers nowadays will allow you to create something called a guest network. You can think of a guest network as a sub-network controlled by the same router controlling your primary network.

One common reason for creating a guest network is to allow visitors to access the internet via your WiFi without revealing your password. A guest network also allows you to control how much of your home network visitors can see. Creating a new network just for your IoT devices allows you to isolate untrusted devices. If one of them gets hacked your more important devices won’t be affected.

Do you really need to connect that device?

Just because you can doesn’t mean you should. Is the added convenience of connecting that device to the internet worth the risk? Is it worth the hassle of having to create a guest network, for example? I know that a lot of these features sound pretty cool, but it’s important to understand that when it comes to cybersecurity they aren’t risk-free.

Don’t reuse passwords

This should be a no-brainer and I have a post about how to create a strong password. If you reuse a password and someone manages to snag it you’re in big trouble because that person is going to start trying it with other services. If you have trouble keeping track of your passwords look into using a trusted password manager.

Keep the firmware up-to-date

Firmware is software that’s embedded into hardware and, like all software, firmware can and should be updated on a regular basis in order to apply security patches and reduce your vulnerability to attacks. This isn’t just a good idea. It’s an absolute necessity if you want to keep your devices secure.

Turn off Universal Plug and Play (UPnP)

Universal Plug and Play was designed to make everyone’s life a lot easier. You just plug a device in and there’s no need to wrestle with the headache of trying to figure out how to configure it.  The problem is that Universal Plug and Play makes it a lot easier for hackers to get into your computer or network. So, turn it off.

Exercise caution with the cloud

It’s very common for IoT devices to depend on the cloud in order to function properly. They won’t work without an internet connection, in other words. However, the real problem is when they’re working. When you’re syncing with the cloud is your sensitive data protected? Is it encrypted?  Have you read the privacy policy that came with the device? These are all things to think about when using a cloud-connected IoT device.

Know what’s connected to your network

Knowledge is power. Do you know what’s connected to your network? Are you monitoring the traffic flow? Is the firmware in your devices up-to-date? What happens when an unknown device connects?  Are you alerted? Security depends on keeping track of all your connected devices, all the time. If you’re not doing that you need to step up your security game.