More and more people use devices or gadgets connected to the Internet of Things (IoT ). Some are encouraged to manufacture devices with simple components to create home projects: home automation, sensors, tiny robots, etc.
It is good to know some general recommendations to avoid connecting them to the local network and then to the Internet, as this poses a security problem.
Any device connected to the home network is potentially a hole through which someone with bad intentions could “sneak” to reach other devices, such as computers or mobile phones, mainly. Among the most sensitive instruments in this regard are:
- Cameras of all kinds.
- Microphones and home assistants.
- Remote locks.
- Smartwatches, bracelets and devices with geolocation (GPS).
- Robots with sensors, Wi-Fi or Bluetooth that connect to computers.
It is also necessary to know that some of the projects that the youngest of the house build in their technology classes can incorporate components to connect to the network: small robots, dolls, drones and the like.
Some practical advice
Change the passwords that come by default: Many devices come from the factory with passwords like admin, 0000, 1234 and the like, which are highly vulnerable. They are published in manuals available on the Internet, and a simple Google search is enough to guess them. If someone wants to “break in” and detects a specific device in the home, for example, through Wi-Fi, they shouldn’t find an “open door” simply because the factory password has not been changed.
Use a “guest network”: Some routers allow you to create a unique network for occasional visitors so that two Wi-Fi networks appear: the main one for those who connect daily and another for visitors or other uses. In this case, clicking the IoT devices to that “guest network” is a good idea. In case of problems, the activity will be limited to an area from which it would not be possible to access computers or mobile phones on the leading network. Alternatively, in modern dual-band routers, the top equipment can be connected to the 5 GHz band (“fast”, “plus”, or “5G”, 802.11ac mode) and the rest to the standard 2.4 GHz ( 802.11g or 802.11n).
Keep firmware up to date: Like computer software, the firmware that is embedded in most IoT devices is also updated from time to time. A typical case is precisely to solve security problems detected over time. The manuals explain how to update them so that, in addition to working better, they do so more securely. The same applies to the apps with which they are controlled.
Close ports and access ways that are not needed: This is common, especially in home electronic DIY projects. When a new device is connected, so-called network ports may remain open. These are the ways through which different connections are established: sending files, emails, web content, etc., a kind of numbered channel. Closing those not used is equivalent to blocking the doors of a house through which you will never pass, leaving only the primary key.
Use a firewall on the router: Firewalls are a filter that differentiates between authorized and unauthorized communications. They can be installed in the computer’s operating system from the network preferences or router. They work by blocking certain network ports, specific devices or applications (mail, voice, games) Although they are a little more complicated to configure, they can be helpful to allow communications from only specific devices or under certain conditions to enter and leave the home network. Conditions. It doesn’t happen if something needs to be added to the official list, it doesn’t happen.
Being safe is easier than it seems.
Although all this may seem complicated, it is relatively simple in practice. In general, most IoT devices check for updates automatically by themselves. They notify you when there is a new version, and you only need to authorize the process.
On the other hand, most of those who dedicate themselves to developing projects usually use the Raspberry Pi, a small and cheap board –an entire miniature computer– with many possibilities. When installed, it always has the same factory password, but uses the passwd command after boot to change it to a more secure one.
In Windows, MacOS and many versions of Linux, you can activate the firewall with a few clicks in the preferences, although it is convenient to “fine tune” it by checking all the options. And in the routers, configuring the ports or the firewall was complicated. Still, it can currently be done from an app the operators provide or from easily accessible websites, such as the Alejandra Portal of Telefonica.
By following these tips, all those increasingly common gadgets in the home, the latest generation devices and small projects developed at home can be left running all day, communicated through the network, without this being a security problem.