During the holiday season, many of us are tempted by all the cool new gadgets we can connect into our house. Cameras, smart speakers, baby monitors, door locks, lighting systems, blinds and more abound. However, many of these gadgets can bring more than convenience, they can also bring unwanted visitors, security risks and holiday headaches. Here are some rules of thumbs to consider before buying for yourselves or a loved one.
BUY A MAINSTREAM VENDOR
If you haven’t heard of the company before, and the packaging looks like it was designed by your 10-year old niece using Microsoft Paint, you probably want to give the product a pass. The IoT field is filled with fly-by-night vendors who pump out faddish technology without any security reviews or checks. Larger, well known brand-name vendors have a reputation to protect and are more likely to go through at least basic security reviews.
BE THOUGHTFUL BEFORE BRINGING A CAMERA OR MICROPHONE INTO THE HOUSE
Many IoT camera and smart speaker vendors upload your video and audio to the cloud. Some will even share video with law enforcement, with very few protections for consumers. These technologies are also very attractive to criminals who have used them to spy on kids, make verbal threats and more. If you are going to bring these devices into your home, make sure your family and visitors are aware that the things they say and do in front of these devices can end up in 3rd party hands.
AUTO-UPDATE, OR SET YOURSELF A REMINDER TO UPDATE THEIR SOFTWARE
Most IoT devices will allow you to auto-update, although even so many require a manual update for more complicated software patches. Set yourself a quarterly schedule to review and update the software on these devices to make sure they’re protected with the latest software versions.
CONNECT DEVICES TO A SEPARATE NETWORK, BEHIND YOUR GATEWAY OR FIREWALL
Since they are a security risk, keep these devices connect to a separate wireless network from your normal laptops and desktops. This will reduce the risk of your sensitive data being compromised if these devices are used to gain a foothold into your network. Also, whenever possible put these devices behind your gateway or firewall so they are not directly exposed to the Internet and attackers.
CONSIDER THEM SHORT TERM PURCHASES
Before you plunk down a thousand dollars on technology, remember that these are basically small, cheap, embedded computers that vendors are unlikely to maintain for 20 years. As such, you should consider it a short term purchase and expect to have to replace it after a few years when the supplier goes out of business or cuts off the backend cloud services they depend on.
With careful consideration, IoT devices can be a great addition to your home or office. We hope you’re thinking security when you put IoT under the tree this Christmas holiday.
