How to keep your connected home safe: 7 steps you can take to boost home security

The Internet of Things is based on sensors and controls in all sorts of devices. When those types of devices are used to create a smart home, they can give residents unprecedented control and insight. The proliferation of smart devices, however, also opens the door to new dangers and threats.

According to research architect Brandon Creighton, with application security provider Veracode, At the end of the day, youre installing a device that is really just a tiny computer. Even with something as simple as a smart light socket that you can control remotely with your phone, what makes that possible is the little computer in the switch that can talk to the Internetwhich means that Internet users can talk back.

The same technology that enables us to build these quite complex devices also creates the potential for security vulnerabilities, said Creighton. And the vulnerabilities will inevitably be found.

A recent report from HP, the Internet of Things Security Study: Home Security Systems Report, gives some idea of the extent of the problem. According to the report, HP reviewed 10 of the newest home security systems revealing an alarmingly high number of authentication and authorization issues along with concerns regarding mobile and cloud-based web interfaces. The intent of these systems is to provide security and remote monitoring to a home owner, but given the vulnerabilities we discovered, the owner of the home security system may not be the only one monitoring the home.

In a recent study, HP found many home-security systems vulnerable to eavesdropping.

Whats a homeowner to do? While its practically impossible to stop a determined professional hacker, there are steps you can take to at least make their task more difficult, and to discourage the simpler attacks. Think of these seven steps as the connected home equivalent of putting locks on your windows or stopping your newspaper delivery while youre on vacation.

Daniel Miessler, practice principal at HP Fortify On Demand, HPs managed security testing solution, led the research behind the security study. Understand the sensors that are at play on the device, said Miessler. So, for example, does your TV have a camera thats facing out? Where is it facingthe entire living room? The bedroom? Whenever you deploy something with sensors in your home, youre raising your risk of unauthorized access.

In our recent report, Miessler continued, the scariest thing was being able to remotely monitor homes, basically including their video cameras. Because it was security systems that we tested, 10 out of 10 had this problemit wasnt just watching the camera, it was also knowing when youre home and when youre not. Whatever further steps you take to secure your home will rely on understanding what holes youre trying to plug; for example, by making sure any cameras are pointed only at the specific areas youre concerned about.

Security cameras can help secure your home, but it's critical that you secure the cameras themselves when you set them up.

One of the major problems is that devices are deployed with some pretty insecure defaults, says Miessler. If you search for the device name online, you can find the user name and password that it ships with. And theres a project called Shodan that lets you enter a product name, and it will reveal everyone in the world whos running that product and if its listening live on the Internet.

See more here:
How to keep your connected home safe: 7 steps you can take to boost home security