Inside your smart home you have serious security flaws, according to a new report by Synack.
The company tested 16 popular devices and determined that connected cameras were the least secure. Products ranging from the SmartThings hub to the Nest and Lyric thermostats also had some problems.
It only took Colby Moore, security research analyst for Synack, twenty minutes to break into each of the assorted devices and he only found one, the Kidde smoke detector, that didn't have any significant flaws, the Kidde is not connected.
The big picture, there are no real standards in the connected home security space, and some really need to be made.
"Right now the internet of tings is like computer security was in the nineties, when everything was new and no one had any security standards or any way to monitor their devices for security," said Moore.
Moore suggested some basic best practices to consider:
1. Hardwire as many devices as possible.
When devices are wireless make sure they have push notifications to the user when they are kicked offline.
2. Firmware updates should happen automatically, especially those dealing with security flaws and vulnerabilities.
3. Require strong passwords.
Make sure they have combinations of numbers, special characters and letters. They need to be more than 12 characters.
4. Send all the data to the cloud using a secured connection.
Don't store it on the device, which can be hacked.
5. If you are going to use SSL, check certificates at both ends.
Out of the cameras, thermostats, smart hubs and smoke detectors tested the most flaws were found in the camera class. The Dropcam was the most secure. In thermostats the Nest was the most secure and when it came to smoke detectors it was the unconnected Kidde that received a perfect score.
There needs to be more insight into how we secure the future when we start linking all these devices together. When asked about security in the smart home of today Moore said, "Security is abysmal."