We are living in deeply interconnected world. We are constantly adding doorbell cameras, smart thermostats, smart lights, a range of Amazon Alexa and Google Home compatible devices; in effect, countless smart IoT devices.
"IoT without security = internet of threats"
~ Stephane Nappo
The Full Scoop
As we continue to add these IoT (internet of things) devices to our ever-growing home networks, we are also making our local network’s attack footprint bigger and more vulnerable. Name brand IoT devices may only receive a few security updates before companies focus on their newer models. Some of the cheaper devices; may not receive security updates at all.
Most people attach these devices to their main Wi-Fi network. While this is easy to do, it is also a very bad idea and compromises your network. In the past hackers have used security flaws in these seldom updated devices to launch attacks against larger targets. Sometimes even attacks on the local network where these devices are located, your home network.
Larger organizations that use such devices often incorporate VLANS to segment IoT device traffic from the rest of the network. If a device is compromised, the attacker can only gain access to the IoT network. This network does not contain critical company information. As you can guess, these companies have large budgets for network security. Typically, they're using enterprise network solutions that the average home user cannot afford or begin to know how to configure. However, most late model home routers provide a way for you to segment the traffic of your IoT devices from your main home network.
Most home routers manufactured in the past five years give you the opportunity to create a “guest” Wi-Fi network. You can use these guest networks for your IoT devices. Along with this guest Wi-Fi network they usually have an option to not allow the devices to communicate with any other devices on the guest network. Your devices using the guest network will only have the ability to communicate with the internet. This prevents a compromised device from accessing your primary network, thus maintaining its security.
Below is a screenshot of my home router, a Synology RT2600. You can see that I named the guest Wi-Fi network; the SSID, MyIoT. There is also an option to prevent each device from connecting to the other. This network is the one that I will give family and friends that come to visit.
IoT devices are here to stay. There are ways to keep your home network and family safe. Take a look into whether or not you can use your routers guest network feature; to keep your IoT devices and visiting guests separate from your primary network. A basic step that will keep you network safer and more secure.