This week, the FBI reported that the surge in IoT devices has given bad actors “a virtual drive-by of your digital life.” That is, the small “smart” devices people let into their lives, like fitness trackers, thermostats, televisions, and refrigerators, are vulnerable to bad actors and open all devices in the home to hacking. If you work from home, you need to protect your home office from your smart home.
In most homes, all devices use the same wi-fi router to access the internet, leaving every device in the home as vulnerable as the least secure device in the home. Those files you secured on your laptop? Not secure, because your smart doorbell (or fridge, or tv, etc.) has lousy firmware that allowed a hacker to access your home network.
[Lest anyone fret that any work outside the office is necessarily less secure than on-site work, check out this report on how on-site security is suffering from employees’ use of personal devices on office networks.]
If you work from a home office, protect your work and your devices from the personal IoT sharing your network. While the best solution is to run your business and IoT devices on separate networks, that’s not practical for most folks. Here are some practical precautions you can take:
- Secure your router. According to Avast, “59.7% of routers have weak credentials or some vulnerabilities” and “59.1% of users worldwide have never logged into their router or have never updated its firmware.” In my experience, many people have not changed the factory preset credentials, leaving their network extremely vulnerable. [Read: Tips & Tricks #1: Secure Your Wi-fi Router and Tips & Tricks #2: Update Your Wi-fi Router]
- Limit IoT devices’ access. If you manage your smart devices with apps, do not accept the default permissions these apps will request without careful review. Does the app for your fitness tracker need to access your phone’s mic and camera? Probably not. [Read: Here’s What That App Knows About You]
- Protect your devices with secure credentials. Don’t accept preset passwords and use a strong unique password for each device.
- Update your devices. Updates often contain security patches for the firmware installed on your device. If there is an auto-update function, use it. [Read: Enable automatic updates]
Working from home can be just as secure (or even more secure) than working on-site, but it requires taking control of the tools you employ to run your business and your home.