[This is the 2nd in a 4-part series – part 1, part 3, part 4]
At this point, we’ve tackled maybe the hardest part of improving the security of our home network: we’ve enumerated all the smart devices connected to our router. Before we go any further, we should stop and take the opportunity to prune that list – to reduce your attack surface as we say in the biz. This is a crucial step that I think is often missed. Before we spend any time or money securing a vulnerable device, what if we could just render it harmless? That’s the point of Step 2: Simplify.
Remove Unneeded Devices
Over the years, you may have purchased several devices with connected capabilities. Making dumb devices smart has been a huge marketing push over the last decade or so. Maybe someone gave you a color-changing light bulb as a gift. Maybe you couldn’t resist splurging on an internet-connected coffee machine. Or maybe that cool smart baby monitor you bought is no longer supported.
If you no longer use or need a device, just get rid of it. Unplug it and find the proper way to e-cycle it. If the devices is buggy or no longer receiving software updates, you’re better off without it. However, if it’s serving an important purpose for you, then maybe you could replace it with something better.
Make Your Smart Devices Dumb
There are some connected devices that don’t really need to be connected in order to perform their basic functions. (I would argue that all smart devices should be able to do this, but sadly that’s not true.) Smart TVs are such devices. I never connect my TVs to the internet. Why? Because they spy on what you’re watching. I use an Apple TV streaming box instead. Is it perfect in terms of privacy? No. But it’s way better than most smart TVs.
The point is that you may have appliances that you still use and want to keep, but that don’t really need to be connected to the internet. If it’s old enough to have an Ethernet connection, you can just unplug that cord. If it’s connected to WiFi, you can clear out (delete) the WiFi settings or change them to something invalid, which will take it off your network. And then you won’t have to worry about it anymore.
Is Your WiFi Router Safe?
One last thing. Now would be a good time to take a hard look at your home router. If it’s so old that it doesn’t support modern encryption (at least WPA2) or is no longer receiving software updates (or was never capable of updating), you should get a new one. And if you’re using a combination router/modem from your Internet Service Provider, I would get your own router and stop using theirs, for both security and privacy reasons.
If you get a new router and you have several IoT devices on your home network, I would start by configuring the new router to have the same SSID (WiFi network name) and WiFi encryption password (the password that devices need to join your network) as your old router. That way, all your devices should automatically reconnect to the new router. Otherwise, you will have to go through and reconfigure the WiFi settings of every single wireless device.
Next up: Assess
In the next installment of this series, we’ll take whatever’s left on your home network and figure out what software they’re running, if that software is up to date, and how to update it.
Need practical security tips?
Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.
Don't get caught with your drawbridge down!
