Information Security at the University of Hawaii
Tips & Tricks For Mitigating Risk in Connected Devices
Smart/Internet of Things (IoT) devices are convenient devices that are meant to improve your daily life. However, these devices have the capability to collect personal data that may be shared with external sources. Smart/IoT devices are also at risk of attack if they are not properly secured, therefore it is important to take appropriate measures to ensure that your privacy and personal data are not at risk. Listed below are a few tips to help you secure your connected devices.
Be Aware of the Risks!
- Check the Permissions on Your Device. Many smart/IoT devices come with transmitting capabilities so you can access your devices on the go. It is a good idea to configure the devices so they transmit as little data as possible. If your device does not need to be connected to the internet, it is a good idea to disconnect the device. Only remotely interact with devices that you need to access from a distance. If possible, do some research on your device to find out what kind of data is being recorded by the device and who the device is sharing your data with.
- Do Not Use Suspicious Devices. Always purchase smart/IoT devices from trusted brands. Sometimes the best deal is not the safest option. Do research on devices before making a purchase. If you are unsure about a device, try to limit the network capabilities of the device. If the device in question exhibits unusual behavior, immediately disconnect the device.
- Be Aware of the Information that Devices May Collect. Most smart/IoT devices have the ability to record some form of data about the people that use it. For example, a smart watch may track how often the user exercises, the times that the user is active, and the locations that its user visits. A smart car may record the times in which it is started and stopped, the amount of miles travelled, and the locations visited. All data from these smart devices can be aggregated together to provide a profile of your life. As an owner of smart/IoT devices, it is important to be aware of the type of information that these devices may be collecting and take into consideration the risks to privacy.
Strengthen Your Device Security!
- Set Strong Passwords For Your Devices. Some smart/IoT devices require users to log in to an account in order to access features of the device. To prevent unauthorized access to your devices, it is a good idea to replace all default passwords with a strong and unique password. If devices have their own wireless access point, it may be possible to configure WPA2 security for your access point. The manual for your device may include information on how to implement wireless access security.
- Be Proactive! Check Your Network. It is a good idea to find out how your smart/IoT devices are connected to your network. If possible, configure the default security settings to suit your needs and make sure that your device is receiving the latest security patches. Your home wireless network should be protected with a strong password and properly maintained. If you do not know how to access the settings on your wireless router, contact the product's company support team or look online for more information.
If you believe that your personal information may be compromised, don't wait. Immediately notify the appropriate authorities and secure your compromised accounts with new credentials.
- Learn more about securing IoT devices with SANS OUCH Newsletter!
- Review the Department of Homeland Security's Internet of Things Tip Card!
- Click here to watch a video by StaySafeOnline.org about Data Privacy Day!