Keeping Your Smart Home Devices Secure

This past holiday season, some of the hottest gifts on the market were one of a number of "smart home" gadgets, a burgeoning category of appliances that combine basic household utilities with the power of the internet. Consumers might know these by brand names like the Amazon Echo or the Google Home, both of which serve as voice-controlled hubs for smart home control. These devices can be connected to other smart home appliances that seem to grow more numerous by the day - many of the latest TVs, media players, home security systems and even refrigerators on the market can now connect to each other and to the World Wide Web.

"The potential for personal data theft from smart home devices can't be taken lightly."

Smart home devices boast convenience as well as an undeniable "cool factor," but their rapid growth has made them a target of online thieves and fraudsters too, unfortunately. This issue did not come into wider public consciousness until October 2016, when a massive, coordinated attack  was launched by hackers who had commandeered millions of web-enabled home devices around the world. According to analysis from cybercrime experts who spoke with The New York Times, the anonymous attackers took advantage of security flaws in common digital equipment like DVR machines, wireless internet routers and even baby monitors, using them to effectively disable a large number of websites. Millions of internet users around the world found themselves unable to access several popular web services for hours on Oct. 21.

The global hacking event spurred many news articles portending a new threat of seemingly harmless home devices being turned against their users. Of course, no one needs to worry about their dishwasher revolting against them anytime soon, but the possibility of widespread theft of personal data from smart home devices isn't one to take lightly, either. The question is, can users of these common gadgets do anything to help protect themselves?

Why worry?

First, it's important to understand the real risk of these attacks, which at present is relatively minor for most people. A study from the Hartford Steam Boiler Inspection and Insurance Company estimated that only 10 percent of U.S. consumers  had been victims of such hacking events in recent years. However, those who did fall prey to a compromised device reported total losses between $1,000 and $5,000 - far from catastrophic but still an appreciable amount.

Perhaps the bigger worry is that these kind of attacks will only become more common, and more damaging, as smart home devices grow in popularity and connectivity. Already, some concerns regarding privacy have come up around devices like the Echo and Google Home, since these products work by essentially listening to everything its users say and broadcasting the data across networks. Google and Amazon take security seriously by keeping these devices and networks thoroughly locked down, which decreases the likelihood of sensitive data leaks. But again, the possibility of a problem still exists, and could only grow once this active listening technology is used by more devices. In addition, many of these products use and store sensitive data like passwords, credit card numbers and other personal information.

Smart home device users should be aware of the potential for malicious activity just as any other active internet user should be. Thankfully, doing so isn't much different from the techniques and habits that form the foundation of smart online browsing habits, like becoming familiar with the basics of web security.

Wi-Fi and password security

Most smart home devices work by connecting to a standard wireless internet connection, so setting up a home network correctly is perhaps the best way to secure these tools. As technology guide The Wirecutter suggested, security-minded homeowners  should first choose a solid wireless router, and then make sure to set it up with a strong password. Be sure to use a password that's difficult to guess and unique from any other used for a different account. These two basic steps alone can protect the majority of people from the threat of a rogue device.

For even more security, users could dive into the slightly more advanced settings of their router and web-enabled devices. Most of the latest wireless routers can be configured to broadcast a "guest" network, for instance, which is entirely separate from the standard network. With a guest network enabled, a user can then create a different password and connect each of their smart home devices to it. Using a standard network for computers and tablets and a guest network for more passive devices serves like a digital partition, and would make it much harder for anyone to compromise an entirely connected home.

There are many more settings and tools that can be tinkered with to give homeowners an enhanced degree of online security, but even taking basic precautions with router setup and passwords is enough to prevent the most common kinds of threats. Of course, taking the opposite approach and simply ditching smart home products altogether tends to be an extremely effective solution, but that wouldn't be very much fun, either.