The winter holidays are around the corner, which means you’re probably busy doing some last-minute shopping and ticking off items on your loved ones’ wishlist. As you wrap presents, take extra caution with any IoT devices.
Nanny cams, fitness trackers, smart watches, refrigerators and thermostats, interactive dolls and video games, and other IoT devices can make excellent Christmas presents, but they can also open the (virtual) door of your home to unwanted surprises. To prevent this, fortify them with proper defenses.
With more people offering connected devices as Xmas presents, it’s of paramount importance to make sure they’re not easily accessible by an outside party, whether that’s a “bad guy” or third parties collecting data you might not want to share. The FBI office in Portland recommends you start by changing the default password and factory settings of the device.
If you can’t figure out how to do that, look for a tutorial online – if none is available, it might be best to ditch the device altogether and look for one from another manufacturer. You wouldn’t want to be stuck with a device that doesn’t let you opt out of certain features. Your new password should be as long as possible and unique for each device. Hackers rely on you using easily-to-guess passwords (think “password,” “password1234” or “12345678”) or the same one across every device.
Take a gander at the mobile apps on your phone that support your brand new IoT device. Check if any of them runs in the background collecting data without your knowledge, and change default permissions if you don’t agree with them. The FBI recommends outright denying permissions that make no sense to you.
While connectivity is the greatest benefit of IoT, keep your stuff separate to secure the network. Sensitive data should be stored safely on a device that’s on a separate system, and you should keep your laptop and fridge on different networks – many modern routers offer a guest network that could be used for this. The goal is to limit the amount of exposed data in case of a breach or, as the saying goes, to not “put all your eggs in one basket.”
Last but not least, perform regular updates across the board. Automatic updates for both hardware and software, but also for the operating systems, should be enabled, and make sure to update with patches whenever prompted.
Image credit: geralt