It seems like every week has new headlines about security breaches. Whether it’s the websites you use, the banks with your money, the smartphone in your hand or the smart TV in your room, anything and everything with an internet connection is an opportunity for cyber attackers to strike.
What can you do about it? There are a few best practices that have always been around, but new information and better ways to secure your tech can make you a harder target–and less likely to be attacked. Here are a few ways to increase your security for mobile and smart home devices.
Change Default Passwords
For a lot of tech, the default username and password is all over the internet. You can use a basic internet search to find passwords for many routers, smart cameras, smart speakers, and other smart technology.
Although some companies have changed their login practices after multiple public news stories about easy tech attacks, many devices are still exposed due to poor business practices and customers not knowing how to solve the problem–or not knowing there’s a problem at all!
For any device, change the password immediately. If you can change the username as well. The problem with many older IoT devices from the first wave of net-connected devices is that there may be no way to log into the device. If you can’t log in and control security, get rid of the device or ask the vendor for an upgrade or fix.
What makes a good password? There are many theories out there, from using truly random sets of numbers, letters, and special characters to using sets of words that mean something to you, but no one else. Password managers exist to not only save all of your passwords if you’re bad at remembering passwords but to protect your main, master password that unlocks everything else.
Instead of figuring out the best technique–which hackers will eventually hone in on and learn to exploit, figure out what not to do:
- Dictionary words. Any single word from the dictionary is a bad password. Not only can they be guessed, but automated tools can brute force through your security by just trying every password out there. Ever wonder why some passwords aren’t allowed because they’re too simple? This is why. Ever wonder why you’re locked out of logging in after too many failed attempts? To protect against brute force hacking.
- Using personally-identifiable passwords. Don’t use your name, the name of a relative, a pet, or anything that other people around you may know. Security questions to help you reset your password can include that information since that process usually includes other security techniques. As a password, you’re asking for that friend’s family member you never suspected to practice their hacking skills on you.
- Using the same password everywhere. Having a great password can feel like an achievement, but don’t use it everywhere. Users aren’t the only ones being hacked; if a site you use is hacked and leaks your password, hackers will be able to just plug your login details to every website they can think of. That can also be automated. There are resources to help you see if your details have been stolen during a security breach.
Consider using a programming technique called CamelCase as well. CamelCase either capitalizes the first letter of every word or the first letter of everything after the first word. Here’s an example:
Since many password systems require numbers as symbols, there’s an old internet trend called 1337 (leet, slang for elite) that substitutes letters for symbols. “Apple” becomes 4pp13, “Password” becomes [email protected], and many different combinations can be used. Unfortunately, 1337 is common enough that passwords such as [email protected] are part of automated brute force dictionaries. Stay creative, because hackers are artists.
Newer devices have not just ways to log in, but easier ways to update the software and firmware. Being able to update is crucial because there are always new ways to break into technology.
Having a method to update security for the best chance against hackers is vital, and if it can be done with a computer instead of just letting the device connect to a server that may be down or even compromised in a decade, your security is even better.
Hide Your Personal Devices With A VPN
There’s always a risk that a bored hacker will want to try their skills against your secure network, especially if a friend–or former friend–wants to sneak into your system. To protect yourself, place your IoT devices on the best Virtual Private Network (VPN). VPNs such as Surfshark (download here and review here) can help you protect your IoT, encrypt and protect your data at public wifi networks, and even help you get to blocked websites and Netflix shows in different countries.
One major security risk with the Internet of Things (IoT) is the fact that many devices are shouting personal, identifiable information to the public internet. There’s even a search engine for IoT devices that woke a lot of people up to how public and open some private devices were.
It may not be usernames, passwords, or credit card numbers, but the information can be used to track down potential targets and find weak networks. Smart TVs and smart cameras make themselves targets simply by existing since a device that you can see is a device you can hack.
Most hacker victims aren’t part of some government or corporate espionage with a single, high-profile target. Hackers will take what they can; if there’s something showing up that looks like it could be a weakness, why not poke it and see what happens? It costs nothing to try and log into a camera or a smart TV. If it’s secured with a good password, it’s up to the hacker if they want to try harder or look elsewhere. If it’s wide open or with a default password, it’s easy pickings.
VPNs have many uses, but for IoT, it’s all about hiding your connection. When a connection enters a VPN, it essentially goes through a private tunnel that makes it hard to figure out where it came from.
When you use the internet, your information is tagged with a lot of information that can identify you. It may not show your exact name and address, but it can show your approximate location, where you were browsing, how long you were browsing, and your general internet habits. A lot of guesses can be made from that information.
For IoT like smart home cameras and other devices, fewer guesses are needed. An internet-connected speaker or camera has a pretty standard, noticeable set of traits, so hackers will zoom in on those devices and try to get in. Changing the security details as mentioned earlier is a good idea, but hiding your network and devices, in general, is even safer. Do both.
Teach Your Household About App Safety
Telling people to not download apps will just make them want to download them even more, and likely from sources that are harder to find and not as trustworthy as official sources. Instead of being completely anti-app, train all mobile and smart home device users about safe, responsible app use.
As anyone from the start of the iTunes and Google Play store will know, that first rush of having so many apps to choose from can be fun, but it can quickly overtake any devices. Apps are just programs like any other, and if you have too many running at once, the device will eventually slow down.
Even worse, not all apps are created equally. Some are written by amateurs who don’t know how to protect their apps against common errors that can crash and take up space even after closed, while other errors can cause memory leaks that keep demanding more memory even if it isn’t needed. These issues happen with apps from professional teams as well, so it’s good to know what your app is doing.
First, figure out whether each app is needed or part of regular, everyday use. Not all apps are for work and mobile devices aren’t just for workers; games and fun distractions are fine, and there’s a lot of joy to be had in the palm of your hand. That said, downloading a bunch of games and fun distraction apps, but rarely using the apps is a waste of resources.
Uninstall any apps that aren’t used more than once a month unless they’re part of a regular schedule. While Android and IOS will suggest removing apps after a certain amount of time without use, it’s better to do an inventory yourself. That way, your mobile device will have more space for more apps, and fewer apps will be able to run in the background.
Even if you don’t see the app, it could be doing something in the background. A smart design technique is to keep the app on in a low-profile mode to make opening easier, while some apps may launch just to give you quick updates.
Multiple apps in low-profile mode will add up to a lot of resource use, especially when you finally open an app that you want to use with a lot of resource use. If the apps are uninstalled, you don’t have to worry about those background problems.
As smart devices and IoT technology become more common, you need to know how to protect your data in an increasingly connected, calculating, and analyzing the world. Contact a VPN technology specialist to learn more about what VPNs can do for your tech.
Also why not check out: