How can you level up security of connected devices?

With the rise of the Internet of Things (IoT), our homes and businesses are becoming filled with connected devices like smart speakers, security cameras, smart appliances, and more. While these devices offer convenience and new capabilities, they also introduce new security risks if not properly secured.

According to industry reports, unsecured IoT devices were involved in cyber attacks like the massive Mirai botnet DDoS attack in 2016. There are growing concerns that connected devices with poor security could be increasingly leveraged by bad actors.

Fortunately, with some diligence and proper precautions, the security risks of connected devices can be significantly reduced. Here are some top ways you can level up the security of your connected devices and IoT networks:

Change Default Passwords

One of the most basic IoT security measures is to change default passwords. Many devices ship with simple default passwords like “admin/admin” or “1234.” These passwords are easily guessed and provide an open door for attackers.

When setting up new devices, always be sure to change any default passwords. Use strong passwords that would be difficult for attackers to guess. Strong password tips include:

  • Use a mix of uppercase, lowercase, numbers and special characters
  • Choose a passphrase rather than a short password
  • Never reuse passwords across multiple devices or accounts

Update Firmware and Software

Device vendors will often issue firmware and software updates to patch security vulnerabilities. However, many users fail to properly update their devices after purchase. This leaves them open to potential exploits.

Get in the habit of regularly checking and installing available updates for your connected devices. Turn on automatic updates where available. Updates should help close known security holes and keep your device’s protection current against emerging threats.

Review andTighten Security Settings

Take time to review the security and privacy settings of your devices. Devices may come with options like encryption, VPN tunneling, limiting location tracking and more. Enable any additional security features available.

Also consider settings like:

  • Disabling features and data collection you don’t need
  • Restricting communication to private networks only where possible
  • Requiring login credentials to access administrative settings

Tightening your security settings makes it harder for someone to intercept communications or gain control of your device.

Connect to a Secure Network

Whenever possible, connect IoT devices to secure home or business networks. Avoid using public WiFi networks which are easier to compromise. Use a strong WPA2 password and encryption on your private WiFi.

For added protection, set up a virtual private network (VPN) tunnel to route your device communications through. A VPN will encrypt data and prevent snooping of unsecured WiFi traffic.

Segregate IoT Devices on Separate Networks

While connecting devices only to private networks is more secure, you may want to further isolate and segment your IoT devices on their own network subnet separated from other devices like computers and smartphones.

Network segmentation makes it harder for malware to spread. Should your IoT devices become compromised, the infection is less likely to spread from that segregated zone.

Apply Physical Security Measures

Don’t forget about physical security measures as well. An attacker with physical access to a device may be able to bypass other protections. Consider steps like:

  • Placing devices out of plain sight from windows to prevent tampering
  • Securing devices with locks, cables or enclosures when possible
  • Mounting or positioning security cameras in inconspicuous locations

Making devices harder to physically access helps reduce the risk of unauthorized tampering.

Monitor for Unusual Behavior

Keep a close eye on your devices for any abnormal behavior that could indicate a security problem. Warning signs can include:

  • Unexpected reboots/crashes
  • Spikes in network traffic
  • Unfamiliar logins
  • New administrator accounts
  • Alerts from security software

By monitoring device activity and alerts, you can more quickly detect and respond to potential compromises or malware infections.

Isolate and Replace Compromised Devices

If a device becomes compromised, isolate it from your network right away. Fully reset or replace the device, change relevant passwords, and investigate to determine the root cause of the breach.

Removing compromised devices before they infect others is key to preventing wider spread.

Control Network Access

Configure your firewall and other network security tools to only allow trusted device connections and limit incoming/outgoing traffic to required services only. This will help block malicious scans and unapproved access attempts.

Setting strict network access controls forces devices and applications to adhere to your specific security policies.

Disable Unused Services and Features

Disable any services, accounts, communication protocols and device features that are not essential for the intended use case. Unnecessary services just add potential vulnerabilities.

For example, internet-connected security cameras only need to communicate outbound via HTTP/HTTPS to streaming or storage services. Block other unneeded protocols.

Consider Virtualization

For smart home and industrial IoT networks, consider configuring devices in a virtual environment rather than directly on physical hardware. Virtualization allows device traffic to be contained, limiting the impact if any individual IoT device gets compromised.

Use Security-Focused Networking Gear

Protect your IoT devices with strong networking equipment designed for IoT and industrial applications. Look for advanced security features like:

  • Intrusion detection and prevention
  • Encrypted VPNs
  • Network access controls
  • Traffic segmentation and isolation

Enterprise-grade networking gear gives an added layer of protection compared to consumer WiFi routers.

Perform Security Audits

Routinely perform full security audits on your IoT and smart home network. Check connected devices for vulnerabilities, malware, or misconfigurations. Also assess the overall network setup.

Periodic audits help spot any weaknesses before they can be exploited in an attack.

Use Security Assessment Tools

Specialized tools can help audit IoT environments and automate device security checks. Examples include:

  • Nmap – Checks open network ports and services
  • Nessus – Vulnerability scanner
  • Wireshark – Network traffic analysis
  • Metasploit Framework – Device exploitation

These tools perform security testing to uncover risks and weaknesses.

Hire Third-Party Security Experts

Consider hiring an experienced security firm to conduct in-depth security testing and auditing of your IoT or smart home network. They can help identify overlooked vulnerabilities and provide an outside perspective.

Purchase Security-Hardened IoT Devices

When purchasing new IoT devices, look for options specially designed with enhanced security in mind. Key features include:

  • Encrypted communications
  • Trusted Platform Modules (TPMs)
  • Hardened operating systems
  • Signed firmware updates
  • Isolation techniques like ARM TrustZone

Devices built secure-by-design offer stronger protection than consumer-grade alternatives.

Conclusion

With billions of insecure IoT devices deployed, Internet-connected electronics clearly pose security risks if not properly protected. However, taking the right steps to secure your devices, network, and data can go a long way.

Implementing measures like strong passwords, network segmentation, regular patching and updates, limiting Internet access, and monitoring for threats are all key to “leveling up” IoT security.

By leveraging both technical controls and best practices, IoT devices can be safely secured against the vast majority of attacks – keeping your connected world protected.

Security Measure Benefit
Change default passwords Prevents unauthorized access
Update firmware/software Patches vulnerabilities
Review security settings Enables additional protections
Connect to secure networks Reduces eavesdropping risks
Segregate IoT devices Limits infection spread
Apply physical security Prevents physical tampering
Monitor for anomalies Early threat detection
Isolate compromised devices Stops infections from spreading
Control network access Limits unauthorized access
Disable unused services Reduces potential vulnerabilities
Use virtualization Containment of threats
Utilize security-focused networking gear Protection against attacks
Perform security audits Identify overlooked risks
Leverage assessment tools Automated testing and scanning
Hire third-party experts Outside perspective
Purchase security-hardened devices Secure-by-design protections