How to Setup Connected Devices Securely
The UK Government is planning to introduce legislation that ensures consumer IoT devices have the basic security measures in place as a minimum. Until that happens, it is especially important that you check you have configured your device securely.
It’s worth noting that if you have purchased the very cheapest product you can find, it may not have any security features or even any manufacturer’s guide included. Consider that for a little bit more money, you may be able to buy a product with important security features built in.
When you first unpack your new IoT device, look for the manufacturers documentation and check the default settings. Some devices come with a password that looks generic (such as 11111 or admin) so it is vital that you change it to a secure password that is unique to this device.
You should also check to see if you can set up two-factor authentication (2FA) on your device. This is a process where you are required to give a code (often send as a text message to your mobile phone or by using an authenticator app) in addition to a password. This ensures that other people cannot access your device from the internet with just your password.
It is also important to keep your device updated which enables the manufacturer to address any faults that have been discovered in the software. All software updates should be installed as soon as possible, and to make that easier, it is recommended that you switch on automatic updates if available.
To limit the options that hackers have to find ways to attack your device, turn off or disable any features that you do not need and use on your device.