Column: Keep those smart devices on the internet of things secure

Some estimate that over 24 billion internet-connected devices will be installed by 2020. (Getty Images/iStockphoto/Askold Romanov)

Q: I’m interested in adding smart devices to my home but have heard horror stories about security. What should I know before I get started?

A: Smart or connected devices such as doorbell cameras, thermostats and home security webcams are growing in popularity, with estimates that over 24 billion internet-connected devices will be installed by 2020.

If you plan on installing these devices in your home or business, understanding the security issues is pretty important.

IoT : The internet of things

Often referred to as “the internet of things” (IoT), these everyday items generally incorporate internet connections to allow for remote access, monitoring and control.

Getting alerts on your smartphone whenever a webcam detects motion or when someone rings your doorbell — as well as having infinite control over your thermostat and lighting from just about anywhere — has tremendous appeal.

As someone who loves to travel, I personally appreciate the added benefits, as they provide pinpoint control as long as you have an internet connection.

Access is access

The thing to keep in mind is that if you can access your devices from outside your home, technically, so can anyone else.

The internet is one huge global network of devices all connected to each other, so you can be next door or on the other side of the ocean and have the same access.

The primary thing keeping unauthorized users from accessing anything you install on your network is whatever security has been set up by that device.

The default password problem

Usernames and passwords are the primary line of defense you have against unauthorized access, and making sure they are secure is always your first task.

There have been lots of stories over the years, especially when it comes to web cameras, showing how many of them are completely open to the world because the user didn’t change the default username and/or password.

Using any internet-connected device with the default administrative password will make you a sitting duck, because every default password for just about every device ever made is readily available online at sites like CIRT.net.

If you’ve already installed smart devices on your network and want to see if they are publicly accessible via websites like Shodan, check out BullGuard’s IoT Scanner.

Don’t be afraid

Lots of internet security experts have written about the “security-as-an-afterthought” approach that the industry has taken, and rightly so.

Security should never be taken lightly by anyone using anything connected to the internet, but it can also be over-hyped or agenda-driven.

No different than driving a car that could potentially kill you every day, empowering yourself with knowledge is the key.

If you don’t understand it, get help

Nothing is 100 percent “hacker-proof,” especially if a malicious party is motivated, but unless you’re a celebrity or a politician, you’re much more likely to become a victim from a “random act of hacking.”

This means you made it really easy for an outsider to take advantage of you, because you skipped such simple security measures as updates and patches that can appear too complex for non-technical users.

For the average user, the convenience benefits far outweigh the risks when it comes to most IoT devices, so don’t let the horror stories keep you from educating yourself and using them.

Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question on Facebook or Twitter.


Like WTOP on Facebook and follow @WTOP on Twitter to engage in conversation about this article and others.

© 2017 WTOP. All Rights Reserved.

Scroll to Top