Blog

The router in your home is the gateway into your network. Your first step should be to ensure that this important equipment is protected. It is recommended that you change the default router name (SSID) and security password in the settings. You can usually find the method for this in the product instruction manual. Set it up with a name that doesn’t give away any personal information such as your family name, as well as a complex password with at least 8 characters consisting of upper and lower case letters, numbers and symbols. Ensure you avoid common or easily guessable passwords and that it is kept safely away from the router itself. In fact, it is advisable to change the password on any internet connected device, if possible. Often devices will come with an easily guessable password, such as 1234 or admin, so it is important to change these as soon as you can.

It is also essential that your router should be using a strong encryption setting, for example WPA2, rather than WPA or WEP. This ensures that any data being sent by the router is encoded securely, and that it cannot be read if any messages are intercepted. You could also consider setting up a guest network on your router, if it has that feature available. That way, when guests use your Wi-Fi it doesn’t give them access to the existing devices on your network and your IoT devices.

The next step is to make sure any software on your IoT devices is kept up to date. Manufacturers regularly send out updates to their devices or put these updates on their website for you to download. These updates help to fill any known holes in security and patch any vulnerabilities that have been identified – usually through a known attack. It is important that checking for these updates becomes a regular part of your security routines, because they are not always installed automatically as they might be for other devices such as your laptop.

Many IoT devices come with several features that the majority of people don’t actually need. For example, many have an option to control the device over the internet, from a different location, and some devices are configured to be voice-activated. Do you really need to control your smart kettle from outside your house? These features are often enabled by default, and you need to go into the settings to disable them. It isn’t always complicated, and details are usually provided on the product website, so it is worth it to keep the bad guys out of your devices. Remember, if they can find a way in to your network through one of these devices, they could get to the other devices on the same network, for example your laptop with your online banking! It is also a good idea to create your own key words to start any voice-activated devices, by changing the default wake words on the device if possible. It makes you a much harder target for burglars etc.

Carry out an audit of all the devices currently connected to your network. It is important to take into account devices such as gaming consoles, digital assistants etc. Disconnect any devices that do not currently need to be connected. It takes seconds to unplug or turn off, but drastically reduces the possible ways an attacker could get into your home. If that is impractical the other option you have is to only connect to the internet when you need to. Many smart devices are set up to be automatically always online when they don’t need to be, and they actually only need to be connected occasionally. These devices can be listening or filming you all the time, so think carefully about where you place them. If you do get hacked, and these devices are under the control of a stranger, you could find yourself a victim to threats like webcam blackmail.

If you are going to use apps to control parts of your home, make sure that you have protection on your smart phone too. You should at the very least ensure it is protected with a PIN of six digits or more, alongside any biometric authentication you have set up, but it also would be an extremely good idea to have anti-virus software installed. There are free anti-malware software programs available for you to use, which are better than nothing, but you do get what you pay for. Always buy the best anti-virus that you can afford.

You could also purchase a dedicated firewall device that plugs in to your network and stops cyber threats from reaching your router. Whilst many ISP routers do now have some firewall capability, they are no replacement for the real thing. A firewall security device can analyse the data coming in to (and out of) your network and use this information to help prevent malicious attacks.

It creates a safety barrier for your network which can be used to block risky websites and apps and help you to control what is going on within your home. This can be a fantastic option if you are concerned with the privacy of your data, as it is a great way to prevent malware and hackers from getting their hands on your information. A security device is strongly recommended to anyone who often works from home or deals with sensitive information, as your home is more likely to be a target.

If you do feel that something may be wrong with a device or that something may be affecting part of your network, you should visit the manufacturer’s website to see if there is any information or perhaps ring their technical support department. On many of these devices you can also perform a factory reset, to try and break the control someone might have over your appliance.

By Emma Davis - Head of Testing & Training