Aaron Forbes

The 12 days of IoT security

The holidays are finally here! This past month, Minim celebrated with a 12 days of IoT security social media series, which rounded up our top smart home cybersecurity tips for a worry-free holiday season.

We hope that you learned a thing or two to #BeCyberSmart during the holidays and beyond, but in case you missed it, here's a recap of some of the most important takeaways so you can ensure that your new Amazon Alexa or smart thermostat won’t be putting your home network at risk!12 days of IoT security

Takeaway #1: Older IoT devices pose a greater risk than newer devices

Internet-connected devices will always carry some degree of risk when connected to your home network, but the risk of a cyberattack is much higher with older models. Since IoT devices have access to exploitable data, including your personal information and information about other IoT devices you own, it’s vital to protect them. One way to do so is by regularly upgrading to newer models as they become available (and as your budget allows) — for example, swapping out a WiFi 4 router for one compatible with WiFi 6, which is more secure.

Takeaway #2: Some IoT vulnerabilities may be out of your control, but weak passwords aren’t

With 1.4 billion connected-home devices expected to ship out by 2024 — and a lack of security features on a good portion of them — the risk of data breaches and botnet attacks is extremely high. In 2016, the Mirai Distributed Denial of Service (DDoS) attack against Dyn shut down about half the internet for a day by targeting 100,000’s of insecure, unmanaged IoT devices (cameras, doorbells, etc.) in residences. How did this happen? Many of these devices used default usernames and passwords that are easy to discover or guess. An easy way to prevent an attack like this from happening again is by changing the default password on your IoT devices to something stronger and more unique.

Takeaway #3: Maintain separate networks for your personal and work devices

Using separate SSIDs (networks) will protect work devices like PCs and iPhones from potential malware attacks that IoT devices are more vulnerable to. You might actually already be familiar with doing this; segmenting devices between the 2.4 GHz and 5 GHz channels on your home router is a well-known example. Minim’s Work-Life WiFi feature set is an even simpler approach as it enables work-from-home employees to seamlessly create separate Work and Home SSIDs to block communication between devices on the respective networks (AKA: increased security).

Takeaway #4: Update your IoT devices regularly (if you can)

Did you know that many IoT devices can’t be updated once they’re out of the manufacturer’s hands? Make a conscious effort to choose IoT devices from reputable brands, and be sure to check that each device can be updated through an app or automatically. If your IoT devices require manual configuration to be updated, you’ll want to check the manufacturer’s website for instructions on how to do so.

Takeaway #5: Only buy IoT devices that you know will keep your data secure

A Cisco survey of 3,000 U.S. participants found that only 9% of consumers believe their IoT devices are actually safe. Are they right? It depends on which smart devices are in their homes; some IoT devices are significantly more vulnerable to data breaches than others (e.g., the 2019 Symantec Internet Security Threat Report found that routers and smart cameras were the top targeted attack vectors in the home.)

Purchasing through reputable brands can help to minimize this risk of course, but it’s only half of the battle. Consumer configuration of the home network and any default passwords is equally as important as purchasing reputable devices to the data security of your home.

In conclusion

IoT security is an aspect often overlooked by consumers when it comes to protecting their smart homes. If you’ve purchased new smart devices this holiday season for friends, family members, or just for yourself, be sure to take these extra steps to protect your home.

Like this blog?

Subscribe to our newsletter.