Whether you’re a Rutgers staff member working a hybrid schedule, a faculty member doing research, or a student living on or off-campus, you likely spend at least a portion of your time doing work from home. You may also live in one of the 63.4 million dwellings that have at least one internet-of-things (IoT) device, otherwise known as a “smart” device.
Turning your home into a “smart home” can make life a lot more convenient. Lights, speakers, cameras, thermostats, and other devices can easily be connected to your home Wi-Fi and controlled from an app on your phone or computer. However, there’s a caveat: the more “smart” devices you connect, the more doors hackers have into your home. IoT devices are by default designed for convenience, not security, and this can introduce threats to sensitive information when working from home. However, there are a few steps you can take towards securing your “smart home” from attackers:
Secure your router
Make sure to change your router’s default name (default names provide information on your router to attackers), enable WPA2 encryption (if available), ensure your firewall is enabled, and create a strong, unguessable password for your network. Don’t use the same password for both your network and your devices.
Set up a Wi-Fi network specifically for IoT devices
Many routers called “dual-band” routers allow you to set up a secondary network. However, you might consider setting up a completely separate router specifically for your IoT devices. Doing so separates your IoT devices from your main network, so if hackers do target an IoT device, they can’t access more important devices, like your work computer.
Disconnect devices when not in use and disable features that aren’t needed
IoT devices with microphones and cameras, when hacked, have unfortunately been used to spy on homeowners. For hybrid workers or students, this could lead to sensitive Rutgers information being leaked. If you use certain IoT devices with these capabilities while at home, disable things like remote access and Bluetooth, and unplug them during work hours and when not in use.
Create a long, unique passphrase for each device/app
If you routinely use the same (or similar) passwords for your IoT devices and just one device gets compromised, an attacker can easily gain access to the rest of your smart home. Create a long, secure password for each device to prevent this from occurring. If you have too many passwords to remember, try using a password manager tool.
Install device updates as soon as possible
Many Wi-Fi routers and IoT devices require you to manually update their firmware with bug and vulnerability fixes. Do a routine check for each of your devices every few months to make sure they’re up to date.
Enable multi-factor authentication (MFA)
Many IoT devices and router providers now have MFA capabilities built-into their app for extra security (like two-step login with Duo for your Rutgers account). If a password to a device gets compromised, having MFA enabled provides an extra layer of protection and can alert you through the app when an attempt to log into your account is blocked.
Securing your smart home may seem like a daunting task, but as our collection of devices grows, so do the potential threats. As a member of the Rutgers community, it’s important to remember: cybersecurity is our shared responsibility!
Tags: help and support, network, remote, security, two-step login, WiFi