IoT Security Checklist

Internet-connected devices, collectively known as the Internet of Things or IoT, can provide opportunities for attackers to access your network–and as a result, devices more sensitive than your lightbulbs. This checklist covers three key points you should consider when securing your devices: passwords, buying from trusted manufacturers, and a few more tech-savvy options.

The Checklist

1. Passwords

• Change Default Passwords
  Many devices come with default passwords–be sure to change them to prevent easy access.
• Use Unique Passwords
  When changing said passwords, use something unique for each account–and, because it can be a lot to remember, consider utilizing a password manager such as Bitwarden to track them.
• Use Two-Factor Authentication
  Two-factor authentication (2FA) and multi-factor authentication (MFA) help secure account access by requiring the user to verify their identity through two (or more!) steps. This might mean receiving a text message, an email, or through the use of an app such as Duo or Authy. 

2. Buy From Trusted Manufacturers

Choosing devices from big-name manufacturers means that device not only has stronger backing when it comes to security teams and updates, but also that the security of that device reflects back on that company’s reputation. They’ll be more likely and more able to pursue security issues than smaller–albeit more affordable–companies. Ultimately, it’s well worth the value.

Companies with a reputation for pursuing stronger security options and pushing updates include Apple, Samsung, and Windows, to name a few. In short, if you haven’t heard of the company before, proceed with caution. 

3.) Tech-Savvy Options

If you are more tech-savvy, these ideas can help you further secure your devices. Consider using the following:

• Open Source Firewall
  These function as replacements for the router in your network and provide additional control over the traffic that is allowed into and out of the network. Popular options include pfSense and OPNsense.
• Isolated VLANs
  VLANs provide a method of separating devices within a network. A simple approach using VLANs may provision one VLAN for untrusted devices and a second for trusted ones. VLANs can be combined with an open source firewall to provide different levels of access control for different types of devices.
• Network Monitoring
  Network monitoring tracks activity within a network. This can be accomplished via multiple methods, including firewall log analysis or more advanced packet analysis techniques, such as an intrusion detection system (IDS) like Suricata.
• Home Assistant
  Home Assistant is open-source (which means you can review the code on their GitHub) and puts local control and your privacy first. It integrates with hundreds of IoT devices, including Alexa, Google Assistant, Hue lights, and many more, allowing you to observe, control, and automate the devices in your home or office.  

Conclusion

Taking these precautions will help protect your network and devices–so it’s definitely worth the effort. In addition to this checklist, be sure to check out our related podcast, “SOC Talk: IoT and Security!”