MOORESVILLE, N.C.—Adoption of new technologies is on the rise, and so are cybersecurity threats. Gartner reports that in five years our typical households could contain several hundred smart devices. While it’s important to be cognizant of cybersecurity issues, rest assured that home automation pros are staying ahead of the bad guys to keep you and your family safe. Let’s explore the potential vulnerabilities of smart devices and measures taken to make them secure.
We’ve all heard about baby monitors being hacked, but according to Fox News contributor and CyberGuy Kurt Knutsson, the leading causes for the hacks might surprise you. The simple, avoidable reasons include: parents not changing the default password, the home Wi-Fi network password being easily-guessed and security flaws with the monitoring device itself. Knutsson’s article goes on to share steps that parents can take to deter hackers, but there are dozens of other smart devices and appliances that may not immediately come to mind and are beyond the abilities of the average DIY homeowner to secure—such as cable boxes, video game consoles and even HVAC systems. Professional-level security measures should be taken to ensure that your network is secure and that the equipment is safe and up to standards.
At SoundVision, our clients’ security is critical. In addition to working in partnership with our manufacturers, we collaborate with fellow members across the country as a CEDIA (Consumer Electronics Design & Installation Association) Electronics Systems Contractor to ensure we stay current on threats, as well as trends, in technology. To keep your systems secure from hackers, here are some precautions we recommend.
- ● Have a certified automation/security pro set-up an encrypted network. Always change the SSID (network name) and use the most up-to-date encryption (WPA2 currently) with a custom, strong password.
- ● Safeguard your guest network. Establish parameters such as controlling time-of-day access, MAC (Media Access Control) addresses of specific devices and restricting the number of devices allowed.
- ● Use only Z-wave certified equipment.
- ● Change all factory-set passwords.
- ● While we do not recommend that you share passwords, we do suggest you record them in a secure place. We create a passcode document for our clients, should they forget or lose them.
- ● Use temporary passwords for occasional access.
- ● Set up a separate network for your automation system.
- ● If you need to allow access to various devices from outside (typically called port forwarding) such as being able to control your security or automation system via an app, never use the same inbound and outbound port.
- ● Set up “parent/child” relationships, allowing you to share a specific username and password with access to designated devices (like the music server so your friend can stream on your system) and at the times you specify to prevent people from having access to your system without your knowledge.
- ● A VPN (Virtual Private Network), such as Microsoft’s Remote Desktop Connection, is another solution. This is a “private tunnel” to give you, or anyone you deem, access to your network from anywhere in the world.
- ● Never leave the generic username and password on any network device. Devices include routers and access points, as well as camera DVRs (digital video recorders), NAS (network access server) drives and any other piece of gear that resides on the network.
- ● Replace any outdated or incompatible components.
- ● Buy only reputable brands, which are more likely to have a high level of security and regular updates. The National Security Alliance advises “Do your research: read reviews and learn about consumers’ experiences with the products from a security and privacy perspective.”
- ● Keep all devices updated with the most current software, and download any patches to mitigate risk.
- ● Turn off listening devices when not in use.
- ● Install security software on mobile phones and tablets used to control IoT devices.
- ● Restrict application access on your phone. Be aware of privacy settings and sharing capabilities on apps, such as calendars, email, location and photos.
- ● We recommend passcode apps to keep passwords secure.
First and foremost, work with a known, trusted networked home/security provider. As a CEDIA Electronics Systems Contractor, SoundVision, LLC, along with the contributing integrators listed, has access to up-to-the-minute industry news and solutions. CEDIA leverages the expertise of global technology leaders and manufacturers to educate its membership on key topics such as cybersecurity and the connected home and have recently worked in collaboration with InfoComm International to present at ISE (Integrated Systems Europe) on the subject.
Be aware, be smart and count on trusted professionals when needed.
Juan Apraez, CEO, All Digital, Weston, FL
Mike Chorney, President, LaScala, Vancouver, British Columbia
Peter Cook, Owner/President, Automation Design + Entertainment, Kalamazoo, MI
Eric Crawford, The Loop Technologies, Boise, ID
Tom Stone, Principal, Stone-Glidden, King of Prussia, PA