
Bench Talk for Design Engineers | The Official Blog of Mouser Electronics


Assessing Risk on Home Network Security Devices

By Jeff Fellinge

(Source: Virgiliu Obada/Shutterstock.com)

Connected homes powered by the Internet of Things (IoT) have become commonplace. Doorbells, thermostats, locks, and smart appliances have joined streaming video and audio to monitors and speakers throughout our homes. These wired and wireless devices sit inside your home but often connect continuously to remote cloud services. Attackers see these new devices as possible footholds into your home or business, and endpoint protection techniques such as regularly applying security updates and enabling operating system security features might not always be possible for these new devices. It’s important to be aware of where your sensitive assets and data are stored, and then ensure that the right security controls are in place to protect them.

It’s important to take a step back and think about the data that are most important to you, where they reside, and how you access them. For example, when you think about sensitive data, do you worry about losing photos stored on your computer, or perhaps losing a music collection painstakingly ripped from hundreds of CDs so many years ago? Do you worry about an attacker reading the email you’ve archived on your computer or stored in the cloud? Do you worry about attackers accessing webcams that you installed to monitor your home while you’re away? Each of these assets has a different valuation, and how much you want to invest in protecting these assets will vary. You will likely make different security choices, depending on your situation. For example, if your photos are stored on your laptop, you might choose first to encrypt your hard disk and back your pictures up to an external drive in case you lose the laptop. If your mail and documents are all stored in the cloud, you might enable two-factor authentication and install malware protection software that includes phishing protection to reduce the risk of an attacker stealing your credentials. Thinking about which assets are most important to you will lead you to the security controls that will most effectively address the risks to these assets. Let’s review these specific security protection technologies.

Home Network Protection

Home network protection can be divided into two broad categories: endpoint protection and network protection.

Endpoint Protection

Endpoint protection ensures that your devices and computers are hardened against attacks, even if connected to an untrusted network. For example, your laptop should be reasonably protected when connected to the Wi-Fi at a local coffee shop. Examples of essential endpoint protection controls include having the latest security updates installed on your computer or other devices, running modern malware protection, and enabling a host-based firewall. Out of the box, both Windows and macOS provide good security features. Both operating systems include automatic security updates to ensure that your computer is patched. They can automatically lock after a period of nonuse to prevent prying eyes from accessing data on the computer. Security doesn’t have to be difficult anymore. Newer systems support facial recognition, fingerprint touch sensors, or proximity to mobile devices to unlock them; you no longer have to type in complex passwords. Enabling encryption means that even if you lose your laptop, an attacker can’t steal data from it. Built-in firewalls operate at the network and application layers to protect your computer from both inbound and outbound connections. Best of all, most of these features are free and included as a part of the operating system; some need only be enabled for you to use them.

Network Protection

Both Windows and macOS provide all these capabilities built-in, but some IoT devices that run stripped-down versions of Linux might not have adequate protection. In that case, network-level security controls can help. Network-level protection can include the inspection and blocking of network traffic between devices based on static or dynamic rules. For example, the most basic firewalls typically block inbound traffic from the internet to your protected devices but allow outbound connections for surfing the Web. More advanced firewalls can detect the unwanted outbound connection from a compromised device to an attacker’s command and control server by checking communications against a real-time blacklist that looks for and alerts on connections to known malicious sites. In today’s connected homes, it’s important to consider both endpoint and network protection to protect your most sensitive data.
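The two rule types described above, shown as an added example that is not part of the original article: a static rule that only lets inbound traffic through as the reply to an allowed outbound connection, and a dynamic rule that blocks and alerts on outbound connections to blocklisted hosts. The LAN range, the blocklist entry, and the flow records are all constructed for illustration.

```python
import ipaddress

HOME_NET = ipaddress.ip_network("192.168.1.0/24")   # assumed home LAN range
# Constructed stand-in for a real-time threat feed (documentation-range address).
BLOCKLIST = {ipaddress.ip_address("203.0.113.66")}

# Constructed flow records in the form "src_ip:src_port dst_ip:dst_port".
SAMPLE_FLOWS = [
    "192.168.1.20:51000 198.51.100.10:443",   # laptop browsing the Web
    "198.51.100.10:443 192.168.1.20:51000",   # reply to that connection
    "198.51.100.77:40000 192.168.1.50:23",    # unsolicited inbound to an IoT device
    "192.168.1.50:39000 203.0.113.66:8080",   # IoT device calling a blocklisted host
    "203.0.113.66:8080 192.168.1.50:39000",   # traffic back from the blocklisted host
]

def parse_endpoint(text):
    """Split 'ip:port' (IPv4 only) into an address object and an integer port."""
    host, port = text.rsplit(":", 1)
    return ipaddress.ip_address(host), int(port)

def evaluate(flows, blocklist=BLOCKLIST, home_net=HOME_NET):
    """Return (verdicts, alerts) for a list of flow records."""
    established = set()   # allowed outbound flows: (src, sport, dst, dport)
    verdicts, alerts = [], []
    for line in flows:
        src_txt, dst_txt = line.split()
        src, sport = parse_endpoint(src_txt)
        dst, dport = parse_endpoint(dst_txt)
        if src in home_net and dst not in home_net:        # outbound
            if dst in blocklist:                           # dynamic rule
                verdicts.append("BLOCK")
                alerts.append(f"{src} tried to reach blocklisted host {dst}:{dport}")
            else:
                established.add((src, sport, dst, dport))
                verdicts.append("ALLOW")
        elif dst in home_net and src not in home_net:      # inbound
            # Static rule: allow only replies to an allowed outbound flow.
            is_reply = (dst, dport, src, sport) in established
            verdicts.append("ALLOW" if is_reply else "BLOCK")
        else:
            verdicts.append("ALLOW")                       # e.g. LAN-to-LAN, not filtered here
    return verdicts, alerts

if __name__ == "__main__":
    verdicts, alerts = evaluate(SAMPLE_FLOWS)
    for flow, verdict in zip(SAMPLE_FLOWS, verdicts):
        print(f"{verdict:5}  {flow}")
    for alert in alerts:
        print("ALERT:", alert)
```

The alert on the fourth record is the signal a home appliance would surface: a device inside the network initiating a connection to a known malicious destination.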

Protect Yourself with a Home Security Appliance

Even after taking all these precautions, you might still want to consider a home security appliance to monitor risky internet behavior or discover misconfigured or vulnerable devices on your home network. The technology used in these devices has often trickled down from commercial firewalls but at a fraction of the price and designed specifically for home networks. As such, these devices are generally much easier to install and manage. Devices such as the Trend Micro Home Network Security appliance and Firewalla security device scan network traffic to identify and block network intrusions. These devices can also look for open ports and misconfigured devices and show useful metrics on device and bandwidth usage. They also include parental controls for restricting access based on time, site, or category. Catering to nontechnical users, the companies that make these devices advertise them as easy to install. In fact, they have just one network connection that you connect to your existing broadband router. They then use networking techniques to sit inline logically, even though physically they are not.

Mesh Wi-Fi systems are another example of newer technology that often includes more robust security features and capabilities. These systems typically include multiple devices installed around your home to provide better wireless performance and coverage. Because all your wireless devices connect through this system, it provides a natural choke point to inspect all wireless traffic and analyze all network communications to look for risky behavior or signs of an attack or compromised system. As an example, the NETGEAR Orbi Wi-Fi mesh system advertises NETGEAR Armor as a service that integrates Bitdefender malware protection to check for malware, open ports, password strength, firmware versions, and other potential security weaknesses.

Conclusion

IoT devices and cloud-based services continue to advance in-home technology. New security gateways and appliances continue to be developed to protect these new devices. As you consider how new devices can fit into your existing home network, make sure you consider which changes might be necessary to avoid putting your most sensitive data at risk.





Jeff Fellinge has over 25 years’ experience in a variety of disciplines ranging from Mechanical Engineering to Information Security. Jeff led information security programs for a large cloud provider to reduce risk and improve security control effectiveness at some of the world’s largest datacenters. He enjoys researching and evaluating technologies that improve business and infrastructure security and also owns and operates a small metal fabrication workshop. 

