We all have voice activated devices (Alexa, Google Home), automated light bulbs, fridges, switches, plug sockets, garage doors and CCTV etc. These are known as Internet Of Things or IoT devices for short but how secure are they and how can we increase their security to protect our network and data?
Why Worry?
There is no doubt that these IoT devices are the future and make our life so much easier but they are also add an increased risk of you becoming the target of hackers. If left unsecure these hackers could steal your personal information, banking details, encrypt your files (Ransomware) or even take control of your cameras to spy on you and your children.
Unsecure CCTV cameras are widespread all over the Internet and finding them is easier than you may think. Visit this link at your own risk: http://www.insecam.org/en/bycountry/GB/
In short, if you own any Smart devices your security and privacy could be compromised. Every Smart device you own provides an entry point into your Network that could leave you open for attacks.
Our 8 Top Tips
Use a VPN Router. When you use a VPN on your router, you can protect your privacy by preventing others from getting a view of your IoT (smart home) activity. A Guardian Router is your 1st line of defence and will provide you with a secure, encrypted connection to the internet. This means if you connect your Smart devices to the Internet through the VPN nobody will be able to monitor any of the activity on the smart devices - not even your ISP.
2. Create a Separate Wi-Fi Network for IoT Devices.
Personally I run my home on multiple network segments. There is my ‘Home’ network with the laptops, NAS, phones and all the important sensitive parts of my Network. There is also my ‘Home IoT’ network, which holds all of my IoT devices including my Smart cameras and doorbell. This limits damage from any breach — if one of my IoT devices gets hacked, the hacker may be able to connect from it to other IoT devices but will not be able to see, let alone reach, my laptop, NAS or other sensitive data on my 'Home' network.” As an extra precaution I also encrypt all of my files and data.
If you own a Guardian Security App or DD-WRT router we have a guide on how to set up a secure 'Guest' network, that is on a different subnet, on our support site, just as I have. You can create more than one of these networks so you can have them for your IoT devices, guests etc. Free registration is required to access our support site which you can visit here: https://guardianroutershelp.freshdesk.com and you can find the guide here: https://guardianroutershelp.freshdesk.com/a/solutions/articles/47001111341
3. Disable Features You Don’t Use.
IoT devices are loaded with features, many of which are turned on by default but we never use. Android and Apple phones have active microphones that monitor everything you say waiting for the 'Hey Google' or 'Hey Siri' commands - Have you ever wondered why you get ads for things you've only spoken about? Simple, If you don't use turn it off!
Many devices give you the ability to control them from anywhere in the World, if you only use them on your home Wi-Fi connection (LAN) disable remote access.
Smart speakers often have Bluetooth connectivity in addition to Wi-Fi. both turned on by default but, if not used can be disabled or hidden. Voice activated 'Smart Assistants' from Google and Amazon and Smart TVs have active microphones and web cameras which store all of your speech, can be used to monitor your home and log your location - Don't use the feature? disable it.
If your CCTV cameras capture anything private such as your location by revealing road signs, road names or registration number of your vehicle mask it out. In short if you don’t use it turn it off as disabling features is all about blocking as many of those multiple entry points as possible.
4. Only buy devices that allow you to change the username and password set. Devices that don't allow you to change default login details are very vulnerable to attack and often have 'backdoors' built in. Don't take the chance, if you can't change the username AND password on your IoT device replace it and buy one that you can.
5. Keep Your Devices Up-To-Date.
Firmware is a type of software that controls your IoT devices. Firmware updates are critical as they often include essential security patches that can greatly enhance your network’s security. As vulnerabilities are discovered firmware updates are released to plug these vulnerabilities. These updates often do not happen automatically so it is good practice to do a manual check every few months and if you find any pending firmware updates, install them right away.
6. Enable Multi-Factor Authentication.
If you use Internet banking you know what multi-factor authentication is. Multi-factor authentication (2FA) is an added layer of security beyond a mere password. With two-factor authentication every time someone, including yourself, tries to log in to your IoT device they have to provide additional proof of identity. This proof can come in the form of a one-time pin (OTP) or a verification code sent to your phone or email address that confirms that the person logging in is you. Most smart devices have the multi-factor authentication feature by default, but there are some devices that don’t. In that case, you can enable 2FA by using third-party apps such as Google Authenticator.
7. Use Strong Passwords.
Always change default usernames and passwords on your devices. Passwords should be contain a minimum of 12 characters and contain a mixture of upper and lowercase letters, numbers and symbols. Here at Guardian Routers we don't use the term 'password' we use 'pass-phrase'. Not only is it far more secure to use a pass-phrase, it is far easier to remember a phrase. Most people will use a simple password, as it's easy to remember, and most will write their passwords down and reuse them, sometimes with slight variation thinking it is secure. ie. mydogsname1 and mydogsname123 thus making it easy for someone to gain access to many accounts with just one password breach. The current top 5 passwords, believe it or not are: 123456 password qwerty football and 1234567. These take seconds to crack and should never be used.
What is a pass-phrase. A pass-phrase is a sentence with a combination of letters, numbers, and symbols that is easier to remember and much harder to crack. You can also mentally link the pass-phrase to the login which makes it even easier to remember. Lets use an Amazon login as an example. How many people have an Amazon password that is Amazon123. I would guess quite a few! A better login for Amazon would be to remember something you purchased on Amazon and turn it into a pass-phrase. Lets say at some point in the past you purchased a 48 inch LED TV from Amazon, you will always remember where you brought your TV which makes it easy for you to associate your TV with your Amazon account and remember, so a good pass-phrase that is easy for you to remember but hard to crack, for your Amazon would be something like my48INledTVc0st£499! I think you'll agree this is far more secure than Amazon123 and not that hard to remember due to the association if compared to a complex password and Change passwords (pass-phrases) regularly. It is important to change your passwords periodically and don’t use the same password for multiple logins.
8. Encrypt your Sensitive files. Encrypting your files is the most important things you can do. Encrypted data is worthless to hackers and scammers! If, despite all of your efforts securing your network and IoT devices, you find you have been hacked and your data stolen BUT you have encrypted it prior to the theft you can breathe a sigh of relief! The easiest and simplest way to protect your data is to encrypt it. This way, and if encrypted properly, if you are hacked or have your cloud account hacked your data is safe. There are are many data encryption programs available, some of which are free but beware as they are not all as safe and secure as they seem. We have tested many of these and without a doubt Axcrypt is the number one. You can read our full Blog on Data Encryption here: https://www.guardianrouters.co.uk/post/spotlight-on-file-security-your-data-has-been-breached
Can I get a AxCrypt free Trial and Discount?
Yes you can. You can sign up and try Axcrypt FREE for 30 days on our link here: Guardian Axcrypt Promotion or by clicking the image above
Not only will you get the 30 Day trial but if you decide you like it and sign up for the premium / business version you will save up to 20%