Convenience over common sense: The security dilemma of smart home devices

Convenience over common sense: The security dilemma of smart home devices

Smart home devices are used to monitor or control the environment in our homes. These marvels of technology make life easier by handling changes in temperature, lighting, entertainment systems, and other appliances. But while they’re the height of convenience, we can’t ignore the security nightmare being created by their use.

So how smart is it to connect all the appliances, even alarm and security systems, to the internet? We do not have standardized security measures for the devices that are making their way into our homes, but with the convenience they offer, many times that outweighs the application of common sense. With every additional smart device in a home’s network, the system becomes more complex and more at risk. 

The smart home device market has grown immensely, and there are 258 million smart households worldwide. However, 40.8% of these households have at least one smart device vulnerable to cyber attacks. In an increasingly online world, where our homes are the center of our work and private lives, data privacy and security are crucial.

What are smart devices, and when did they come into our lives

We can trace smart devices back to the early 1900s. With the evolution of technology, the definition of what makes a smart device has changed. You could even argue that the very first vacuum cleaner in 1905 was a smart device for its time.

The first device that fits today’s understanding of smart home technology was the Echo IV in 1966. This machine took up enough space to fill an entire room, but it performed most of the features that smart devices today are capable of. Echo IV could control the air conditioning, TV, and keep track of things for you.

Of course, today, we can fit an Echo IV in the palm of our hands, with wireless internet, BlueTooth, cameras, and processors that have 25,000 times the clock speed of that home automation pioneer. Switching on your TV is expected; today, we talk to speakers that do your online shopping, schedule your tasks, and even help conserve resources like electricity and water. 

Where is the security risk?

When looking at convenience and accessibility, smart homes seem to be the obvious answer. You can control your home’s appliances, your locks and alarms, lighting, and heating, all from a single tablet or smartphone. These technologies have proven that they are helpful, and we know that they have become increasingly affordable.

The risk comes in when we realize that our cybersecurity measures have not improved at the same pace. Smart home security systems often have cameras connected to the internet, installed to keep your homes safe but are vulnerable to hackers. The same smart security system can be manipulated by a third party to breach your privacy. 

For example, the use of smart locks on external doors raises many questions. A skilled hacker can easily breach them, and a brilliant one can hide their nefarious activities. And while the common counter-argument is that crooks can pick locks and doors can be broken open anyway, both activities leave physical evidence; something insurance companies typically require before they will payout on a claim. However, that’s changing.

Some insurance companies are offering discounts for consumers with smart security systems. Smart sensors, locks, and thermostats can lower your premiums if your home insurance provider has decided to embrace home automation systems. While there are definitive pros to installing these devices, other than the financial incentive – such as faster fire detection and guest access when you’re unavailable to let people in – you can’t ignore the security issues. The insurance industry has not standardized or decided on its approach, so it’s essential to research this aspect carefully.

Voice assistants by Amazon, Google, Microsoft, and Apple are also risks for our data privacy. They accidentally activate several times a day and record audio (even if you are not directly speaking to the device). The shocker here is that most of the audio that the voice assistant records is stored on company databases. Human workers review these recordings in the process of improving the device.

While the companies make assurances that the recordings are not stored in correlation with the user and that all the voice data is kept confidential, it is disturbing to come to terms with the idea that people listen to what we say to our devices. This is a hole in the privacy of our homes, and it is something to be wary of. 

All the instructions you give your voice assistant, like home address, financial details, and information that may have been accidentally recorded, are stored with the device manufacturer. With the merging of workplace and residence during the pandemic, a significant amount of potentially confidential data is at risk because of these smart devices. Thankfully, there are a few settings that you can change to delete your recordings or opt-out of having a human review your recordings. 

How do we keep our systems secure?

With the overwhelming information indicating that our convenience comes at the cost of our privacy, the next question is how to protect our data. Data privacy and security need to be prioritized as we further delve into the digital space, with information being collected and analyzed from every part of our lives. 

Before buying any smart device, read reviews that focus on the product’s security and what data is recorded and stored. Independent reviews of the product will help understand what the risks are. A few general searches for “smart home security” and “smart device security teardown” will deliver articles that help understand the risks of owning a smart device. 

While in-depth vulnerability services like IoT Inspector and others exist, they focus on organizations at present, so they’re expensive for the average home-owner, but they are also worth considering if the cost is a small percentage of the potential loss. Employing a white hat hacking company is also an option for complex smart home setups. 

If you intend on adding smart devices to your home network, it is vital to use strong passwords and have different passwords for each device. A password manager like Dashlane can come in handy by generating and saving the passwords. This is one step towards securing private information. Another layer of security would be to separate the smart device network from your regular usage network. These steps are a few of the ways that you may take charge of your smart device security. 

Smart homes become more commonplace with time; this is not something that will change. What we do have the power to change is our smart device security. Hopefully, we can move towards a future where convenience and privacy do not come at the cost of the other.