5 Simple Ways to Make Your Smart Home Safer
If you are thinking of building a smart home or even if you already have one, you might want to consider improving its safety. In many cases, this is actually easier than it seems, as most common problems are trivial to fix. Safety really is the number one priority as making a mistake with a critical device such as a smoke detector could be fatal. We're going to take a look at 5 simple ways to make your smart home safer, ranging from checking your passwords to optimizing your device selection.
Table of Contents
Warning: to improve safety, some tips may require hands-on action with critical safety devices. It is important that you do not attempt anything you are not comfortable with. A mistake could cause great damage, so always call a professional if you have any doubts. Only you can be responsible for the safety of your specific situation!
1 - Changing Device Passwords
Good practice for preventing any incidents is to change the password for all of your devices. In fact, according to a study conducted by Positive Technologies, 15% of all smart devices are using the default username and password. There might have been a time when such an attack was limited to experts in the field that had access to all the relevant information from instruction manuals. Today, however, access to a device with the default credentials is just a simple internet search away. Try it! Put the product name and model of something you own along with the phrase "default password", and you will find a list detailing the login credentials.
The fact that people don't change the default password wouldn't be that bad if it weren't for automated scripts that scour the internet looking for known devices. I left the defaults on while I was configuring something once, and it took 20 minutes for a bot to find it and start making changes. I fixed it, but it shows that you really can't leave it with the default for even a short amount of time. Once hacked, they could be used in a botnet, sold to burglars who will try to rob the place, or even just used to collect data about you for an unknown actor. This tip is straightforward and will provide substantial protection against the most common vulnerabilities in smart homes.
2 - Update the Software
It's almost a joke at this point, but a prevalent mistake people make is not updating the software of all smart devices. For much the same reason you install updates for your computer, you also install updates on these "mini-computers". We can easily see why this software gets neglected, as in most cases, the updates are not trivial to perform. Some will require the use of an app for your mobile phone, while others may update directly over the internet. The reality is that anything connected to the internet should always be running the latest software. Most home networks have a router that plays many roles, namely, WiFi access point, firewall, and much more.
You don't typically have to worry about devices connected to your home network getting hacked because of a technology called Network Address Translation (NAT). The details of this technology can get complicated, but the short of it is that every computer using the internet on your network shares a single IP address known as your public IP. If you try to access "wltd.org" in your browser, your computer will send a request to the website's IP, and your router will mark that information as coming from you. The website only knows about your router's public IP, so it sends the requested data there.
Your router then identifies that you initiated the connection, so it forwards the response to you. This means that you can't initiate a connection with a computer behind a NAT from the outside, which is why most home networks don't get hacked. You might be wondering how remote access works with these restrictions in place. There are two ways, but one involves configuring the router, so most companies opt for the simple answer. Every device that provides remote control is circumventing the protection of your router somehow. Although greatly simplified, this is why your device ends up being exposed to the outside and why you should keep the software updated.
3 - Keep Your Network Secure
The previous section explains how your router protects you from the threats of the outside world. Despite these protections, there isn't much your router can do if your network is wide open to the outside. Manufacturers have gotten better at providing complex default passwords that aren't on a list somewhere. Still, many people continue to use unsecured networks either with no password, obsolete encryption, or using the default password. Those using WiFi without a password need to go set one immediately. The password actually encrypts the data that is wirelessly transmitted between you can the access point. This prevents someone sitting outside your house with an antenna from seeing everything you are doing on the network.
A bad actor could intercept passwords, credit card details, and other sensitive information depending on the websites you visit. The default password is only marginally better than using no password, if only because it stops regular people from using your network. A determined attacker will get into your network if you use the default password - it only requires a simple internet search. Finally, if you are using an older protocol like WEP or WPA, your network could be cracked real quick, even with a good password. Even WPA2, which is the latest protocol, can be hacked using the KRACK attack, so it's imperative not to use anything older.
Another tip for keeping your network secure is to regularly audit what devices are connected to it by looking in your router's control panel. You are looking for anything you don't recognize to see if your network has already been compromised. It could be a neighbour using your network or possibly something more nefarious, so be sure to check thoroughly! If you find something you don't like, the easiest way to lock it out is to change the WiFi password to something completely different. Additionally, it's good to have a guest network so you can avoid giving away the password to your main network.
4 - Avoid Wifi Smart Devices
You may notice that practically all of the previous points revolve around securing your home network and WiFi. That's because hacking something that doesn't connect directly to the internet is a lot more complicated. For example, you can consider your computer and a Bluetooth speaker - which do you think will be hacked? The computer, of course! Most attacks against individuals (not counting companies) involve easy entry points which are absent when the device is simply not connected to the network. What should you use then?
There are a few protocols you can use that offer implicit security benefits when compared to WiFi devices. Z-Wave and Zigbee are both mesh network protocols that operate on a much lower frequency than WiFi. This allows them to penetrate walls and floors better as well, which can be an added benefit. The advantage of these protocols is that they don't connect to a cloud server over the internet. In fact, almost all communication is local with these types of networks, with the only exception being the hub which often offers remote access.
This is better because there is only a single point of failure, which is the hub. You don't need to worry about keeping each and every device updated as only the hub has contact with the outside. You will still want to update your devices, though, as you never know what kind of exploit could be fixed. Those are actually just two of the options when it comes to local network smart devices. You can also use Bluetooth or Thread, or any other local protocol, as long as most of the devices are shielded from the outside world.
5 - Use Smart Alarm Sensors
This list has mostly been ordered by how effective each action is for improving safety and security, which is why this one is last. You might want to have a smart alarm system to detect physical threats. As these threats are also the rarest, the value of this tip is not always obvious unless something bad happens to your house. Despite that, a smart alarm can still be an excellent addition to the safety of your home. You can obviously use door and motion sensors to detect any intruders, which is one of the most common uses of this technology. It can also be used to alert you when water is leaking or if you've left the window open.
This can extend to anything you need to know about quickly, such as smoke or carbon monoxide alarms. Some video cameras integrate nicely with smart home hubs to overlay events detected by your sensors on the video replay. I covert such a system in more detail in my article about HomeKit Security Systems. With that said, be careful not to become completely reliant on your own work for security and safety. It's good to run your smart sensors in addition to a professionally installed alarm system that will handle things if your system does not work. You can also get creative with this and use the technology to detect certain events you might want to keep track of, such as whether the dog is inside or outside.