If you relish a convenient life and smarter home, the Internet of Things must have been an integral-part by now. As the communications extend from devices to appliances, IoT networks shall soon become as common as Wi-Fi at our homes.
In fact, following up on a report from Fortune Business, the market shall reach $1.1 trillion by 2026. However, the fact that they are tempting prey for cybercriminals has raised concerns over our readiness to ensure complete security, says Yash Mehta.
Yes, the services providers are doing their bit by improving with every release but how responsible are we? How often are we monitoring the logs? Before you plan to expand and include more nodes, here’s a quick run-through the basics of keeping your IoT networks at home secure, and qualitative.
Start with your router
The router is the first entry point to your in-house network of devices and as per Symantec Data, 75% of IoT attacks begin with the router. You must invest in a router that delivers higher degrees of security and performs more than just running the network. Although most ISPs have begun to address the security vulnerabilities, you should still make sure that the one given to you qualifies for the requirement.
Depending upon the type of neighborhood (if densely packed or not), your ISPs maximum upload and download speed and if the ISP supports any other external modem other than the one they recommend using, a router must be selected.
First things first, change your router’s name. The default name, which is mostly the brand’s name is easily identifiable and does 505 of the job for the infiltrator. Just like the password, give an atypical name that doesn’t hold any literal meaning.
Furthermore, use an encryption method for the home’s Wi-Fi connection. Launch the default IP address 192.168.1.1 In your router settings, look for an encryption option, most commonly WPA2, a type of encryption that provides the third (highest) level of security while exchanging data packets.
Enable two-factor authentication
Two-factor authentication is an additional step of approvals needed to sign-in after passwords. A One Time Password that has a shorter validity is sent to the user via email or SMS. Like most devices, websites, and networks provide an option to enable the 2FA, you must ensure the checks in your IoT network also. Although no one else besides you would be signing-in, it is a great way to get notified whenever an infiltration attempt happens.
Disable Universal Plug and Play (UPnP)
A network of connected devices may not always be great as your private data is at risk of exposure. IoT devices have a feature called Universal Plug and Play that enables each one of them to discover devices around and connect automatically. While this eliminates the hassle of manually connecting on a local network, the feature could put your devices to connect anonymously with unknown networks in the public domain.
Use a VPN
A network of connected devices may not always be great as your private data is at risk of exposure. IoT devices have a feature called Universal Plug and Play that enables each one of them to discover devices around and connect automatically. While this eliminates the hassle of manually connecting on a local network, the feature could put your devices to connect anonymously with unknown networks in the public domain.
Use a VPN
Yash Mehta
A Virtual Private Network masks your IP address while connecting you to an enclosed network system from a VPN service provider. So, if you fear the risk of hacking, switch to a VPN service that creates encrypted connections. This keeps your device and the web browsing activity untraceable from the hackers. Here’s a use case – you need to turn off any home appliance from a public place; a VPN connection will ensure protected connectivity and keeping the hackers at bay.
Create a secondary or ‘Guest’ network
Since the router enables you to create multiple networks within the main parent network, you could create a network exclusive for your IoT devices. This is done to prevent hackers from barging into your IoT channel, even if they managed to infiltrate the Wi-Fi. However, if strong encryption methods (such as WPA2) are enabled, hacking becomes near to impossible and sub-networking only adds an extra layer of fortification.
Go to your router’s settings (follow the same drill of launching default IP 192.168.0.1) and create as many secondary networks as you want. For example, create a separate guest network with parental controls for your kids while another one for your guests.
Monitor the usage – disable all unused features
After a point of time, you may lose track of all the appliances connected to the network. Since monitoring them individually is complicated, it is better to restrict their consumption as per requirement. IoT devices have a scary reality. They could be accumulating your private data without your will. Take, for example, devices receiving voice commands; while you are not using them, they still trigger after listening to certain keywords from your conversation.
Ultimately, never ignore the basics
Start with the username and password. Cybercriminals are already equipped with possible default passwords that a new IoT device is given by the manufacturer, making it a step easier for them to access the information. Change the username and the password to a string something that doesn’t make any literal sense. Use strong and complicated passwords including a combination of letters, numbers, special characters, Upper / lower case.
Upgrade all your devices and appliance software and most importantly, start today!
The author of this blog is Yash Mehta an IoT and Big Data Science specialist. He is an award-winning writer appearing in multiple publications.
Comment on this article below or via Twitter:
