Smart Device Safety
October 30, 2017
Your device may be smart, but may not always be secure; many devices are vulnerable and malicious cyber criminals can take advantage.
The following recommendations help secure smart devices, also known as "Internet of Things (IoT) devices from cyber attacks:
- Change default usernames and passwords. Many default passwords are collected and posted on the Internet. Do not use common words and simple phrases or passwords containing easily obtainable personal information, such as important dates or names of children or pets.
- If the device does not allow the capability to change the access password, ensure the device providing wireless Internet service has a strong password and encryption.
- Isolate devices on their own protected networks.
- Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding.
- Review and implement device manufacturer security recommendations, if available. Consider turning devices off when not in use.
- Research your options when shopping for new IoT devices. When conducting research, use reputable Web sites that specialize in cyber security analysis, provide reviews on consumer products, and support consumer advocacy.
- Look for products from manufacturers with a track record of providing security to their Internet-connected products. Look for companies that offer firmware and software updates, and identify how and when these updates are provided.
- Identify what data is collected and stored by the devices, including whether you can opt out of this collection, how long the data is stored, whether it is encrypted in storage, and if the data is shared with a third party. Also identify what protections and policies are in place in case there is a data breach.
- Ensure all IoT devices are up to date and security patches are incorporated when available.
- Use current cyber security best practices when connecting IoT devices to wireless networks and when connecting remotely to an IoT device.
Invest in a secure router with robust security and authentication.
- Most routers will allow users to whitelist, or specify which devices are authorized to connect to a local network. Whitelisting can be used to identify malicious network traffic from unauthorized devices and prevent them from making a connection.
Examples of smart "Internet of Things" devices include:
- Home automation devices (e.g., devices which control lighting, heating and cooling, electricity, sprinklers, locks);
- Security systems (e.g., alarm systems, surveillance cameras)
- Medical devices (e.g., wireless heart monitors, insulin dispensers)
- Wearables (e.g., fitness trackers, clothing, watches)
- Smart appliances (e.g., refrigerators, vacuums, stoves)
- Office equipment (e.g., wireless printers, computer mouse, outlets, interactive whiteboards)
- Entertainment devices (e.g., DVRs, TVs, gaming systems, music players, toys)
- Hubs (devices that control other IoT devices through a single app)
Content courtesy of the Federal Bureau of Investigation, October 2017.
This content is for informational purposes only. Readers should under no circumstances rely upon this information as a substitute for their own research or for obtaining specific advice from their own counsel.