Separate Your LAN and Put Smart Devices On a Different Network
Internet of things (IoT) is trending in the market with over 25 billion devices sold in the last five years. In 2018 alone, 7.04 billion devices were sold (close to the world’s population!), and that number is estimated to go up two folds in the next three years. These devices can range from a TV to a watch, and anything in between that connects to the internet. It can be controlled remotely through a smartphone application, a computer or a voice recognition.
Although these devices are designed to make our day to day tasks more manageable, it comes with its risks. Over time, each added smart device adds an opportunity for unwelcomed visitors to access your network. Currently, there are no security applications, like anti-virus, to scan the data coming into your smart devices through your phones. This means that if any of your smart devices are compromised, your network and all of its data is fair game for malicious users. Just imagine ransomware on your home computer coming in from a smart speaker on the same network. Scary, right?
Top security companies like Kaspersky, Cisco, and Dell EMC have started developing solutions to secure these devices in our network. Some new home routers are being built with IoT and smart home security in mind. Until then, it is our responsibility as users to ensure all devices in our network are secure.
The best solution to the above problem is to isolate these devices from your LAN network (E.g., MyHome Wi-Fi). All smart devices need is a connection to the internet for you to control them.
Once you have that, there are several ways of isolating the devices. If you have an enterprise network, you can create separate VLANs and allow one-way traffic to secure the devices. You can also use filtering to restrict the data traffic to these devices. However, more than 70% of these devices are used at home. How can you secure those?
The answer to this is to create a separate wireless network (E.g., Smart Wi-Fi). Your router manual should have information on how to complete the process. Any home router will support at least two wireless networks if not more. By default, the new network (E.g., MySmart Wi-Fi) is configured not to allow any traffic between itself and other networks. Connect these smart devices to the new network and allow one-way traffic from your local network to the new network. If your router supports more than two networks, create a separate ID for your guests as well (E.g. MyGuest Wi-Fi).
Your responsibility does not end here. A hacker may not have access to your personal devices but can still have access to your smart devices. Unlike computers and phones, most of these smart devices cannot look for software or firmware upgrades, and do not always install automatically. For this reason, make sure you keep them updated. If available, the phone application or manufacturer’s website will be an excellent place to start. This also applies to all the devices you use or connect to your local network.
Until there are IoT security devices or security applications or both in place, you must ensure smart devices are on a separate network, running the latest software and firmware and password protected.