Security threats in Smart Devices
In case you are not aware of it already, the new model of Samsung that allows you to speak out commands to enhance your TV experience also stores whatever else you speak in front of the smart device. Thus, if you are having a conversation with anyone while watching the TV, chances will be high that the TV will record everything and send it to the researchers – a third party that Samsung refused to name. Once the recording reaches the researchers, the sound is converted to text and is stored in their database permanently. There is no thinking about what the researchers can do with the data, especially if you have been discussing your finances and gave out your card details or social security number etc. Though Samsung had later clarified that the voice command feature is just optional and people can turn it off for security in smart devices, not many still know that they are being recorded. If you wish, you can disable the voice control features on Samsung TVs by going into the TV settings > Smart Features > Voice Recognition > Off.
Smart Devices & Privacy issues
We had written about the dangers of the Internet of Things – a while ago, and such issues confirm that security plus privacy is in danger, as users won’t know what the device is capable of doing. Folks thought that the matter would be limited to passwords and hacking. We talked about how hackers can use your smart devices to launch a massive attack on any website. But this factor of smart devices recording what you do is a bit more worrisome than we expected. Not only the manufacturers, but hackers too can record your activities if your devices support such functions. You might already have read about hackers using your webcam and CCTVs to monitor your activities! While the major issue is that those involved in programming do not think much about security at the users’ end, there may be cases where programmers create modules that may act as a spy on your activities. Data is precious, and if there is a chance to lay their hands on collecting information about you, some companies will go too far. Read about IoT ransomware!
How to improve Security in Smart Devices
There is not much you can do if a smart device manufacturing company tries to collect data. The only respite is that they’ll have to disclose it somewhere. If you read the entire device manual and TOC, you should be able to see what all data is being collected by the device. Next to that, try and keep all the smart appliances in your home or office behind a Firewall. Since they’re vulnerable, using a firewall will make sure data won’t fall into wrong hands. You can use a Hardware Firewall (which I think is the best method) or a software firewall via a computer that’s always running. To further increase security in smart devices, you can change passwords of the devices. Almost all smart devices have a default password that would be something like “0000”, “1234”, or “password”. Change it before you hook it up with the rest of the network connected to the Internet. Finally, buy products from popular brands that have to comply with the local laws. Chances of being cheated will be far less when you go for branded devices against local or low-cost devices as popular brands are forced to reveal what all data the smart device will collect. They cannot afford to lose their reputation worldwide. At the moment, security in smart devices is both “ethical responsibility” of companies as well as “educational problem” on behalf of end-users. In my opinion, companies involved in manufacturing should make the users aware of security issues in smart devices and give them a place in device manuals that will help in reducing problems related to privacy and security. This Consumer Guide to the Internet of Things talks about how to secure Internet of Things and IoT devices and more. You might want to take a look at i How would you propose to increase security in smart devices, as an educated end user?
What are the best ways to secure smart home devices?
Strong encryption settings in the RouterDisable any additional feature you are not usingChange default username and passwordSetup separate wifi network for IoT devicesEnable Multifactor authentication