FBI Recommends Keeping IoT Devices on a Separate Network
I recently came across a really interesting read from the FBI Portland office and their “Tech Tuesday” post on December 3 regarding the Internet of Things. Basically, IoT (Internet of Things) means everything else in your home that connects to the world wide web. If you look at the holiday wish lists that your kids, spouse, and parents recently dropped on you—most everything on that list that can connect to your home network probably makes the cut.
Adult toys like digital assistants, smart watches, fitness trackers, home security devices, thermostats, refrigerators, and even light bulbs and plugs are all on the list. Add to that kid toys as well: remote-controlled robots; games and gaming systems; interactive dolls; and talking stuffed animals … it’s an endless list.
What these all have in common is that they send and receive data. But it’s not necessarily known how that data is collected and where it’s going (unless you actually read cover to cover the end user license agreement).
The concern from the FBI is that hackers can use that innocent device to do a virtual drive-by of your digital life. Unsecured devices can allow hackers a path into your router, giving the bad guy access to everything else on your home network that you thought was secure. Are private pictures and passwords safely stored on your computer? Are you sure?
Here’s what the FBI said you can do to build that digital defense:
- Change the device’s factory settings from the default password. A simple Internet search should tell you how—and if you can’t find the information, consider moving on to another product.
- Passwords should be as long as possible and unique for IoT devices.
- Many connected devices are supported by mobile apps on your phone. These apps could be running in the background and using default permissions that you never realized you approved.
- Know what kind of personal information those apps are collecting and say “no” to privilege requests that don’t make sense.
- Secure your network. Your fridge and your laptop should not be on the same network. Keep your most private, sensitive data on a separate system from your other IoT devices.
- Make sure all your devices are updated regularly. If automatic updates are available for software, hardware, and operating systems, turn them on.
An article at ZDNet recently offered the advice of keeping IoT devices on a separate network from your primary devices. That may not sound easy for everyday, non-technical users. The easiest way would be to use two routers. A more complicated & technical way would be to use a “micro-segmentation” feature found in most WiFi routers. This allows you to create a virtual network on the same network, separating the two and making a more difficult jump for the criminal to gain access to your primary devices. A good tutorial on how to create that VLAN on your router is available here.
While it’s argued that many of these IoT devices make our lives easier or more manageable, it’s important to realize that they can also create ports of entry into your primary devices leaving you vulnerable to hack and identity theft. Due diligence and security are very important when incorporating these IoT devices into your home.