Carnegie Mellon University

Smart Home

October 15, 2020

NCSAM Week 2: Secure Your Smart Home and IoT Devices

Each year there seems to be a variety of popular new devices that make your home life more efficient. These devices, along with billions of other physical devices around the world that are digitally connected to the Internet are known as the Internet of Things, or IoT. IoT devices have the ability to perform automated actions, as well as communicate information to other devices. These Internet connected devices are rapidly making the world smarter by connecting the physical and the digital, however with more connected “things” entering our homes and workplaces each day, it is important that everyone know how to secure their digital lives. Do your part and #BeCyberSmart when using IoT devices in your smart home.

Why Should We Care?

  • Cars, appliances, fitness trackers and other wearables, lighting, healthcare, home security, gaming consoles, and more all contain sensing devices that can communicate to each other, as well as trigger actions on other IoT devices. Examples include devices that direct your car to an open spot in a parking lot; mechanisms that control energy use in your home; and tools that track eating, sleeping, and exercise habits.
  • New Internet-connected devices provide a level of convenience in our lives, but they require that we share more information than ever.
  • The security of this information, and the security of these devices, is not always guaranteed. Once your device connects to the Internet, you and your device could potentially be vulnerable to all sorts of risks creating new opportunities for cybercriminals.

Simple Tips

  • Shake up your password protocol.Change your device’s factory security settings from the default password. This is one of the most important steps to take in the protection of IoT devices. According to NIST guidance, you should consider using the longest password or passphrase permissible. Get creative and create a unique password for your IoT devices. Read the Creating a Password webpage for more information. 
  • Keep tabs on your apps. Many connected appliances, toys, and devices are supported by a mobile application. Your mobile device could be filled with apps running in the background or using default permissions you never realized you approved— gathering your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions and learn to just say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources. 
  • Secure your network. Properly secure the wireless network you use to connect Internet-enabled devices. Consider placing these devices on a separate and dedicated network. For more information on how you can secure your network, view the 5 Steps to Protecting Your Digital Home news article.
  • If You Connect IT, Protect IT. Whether it's your computer, smartphone, game device, or other network devices, the best defense is to stay on top of things by updating to the latest security software, web browser, and operating systems. If you have the option to enable automatic updates to defend against the latest risks, turn it on. Learn more about how to enable automatic updates for your devices on the Protect What you Connect: Updating Device and Software webpage.