2020 saw the smart home market value hit £70bn and by 2025 it’s predicted to reach £110bn. The market is both diverse and competitive with an ever-growing range of smart products available from industry giants such as Amazon and Google. The Smart Connected Home Ecosystem is here to stay. Although there’s no shortage of utility and novelty, many people are starting to ask the question: how safe are they in a business environment?
Broadly speaking most devices that are commercially available are required to meet certain security and privacy criteria. However, they all have the same weak link that can be exploited: you! A recent study found that 90% of security breaches were due to user error. We can define user error in two ways:
In this article, we’ll concentrate on the second way and look at some ways to overcome it.
Consider your home or work router as the front door to your house. If you can securely lock the door, you can assume a certain level of security for all devices within the home. This applies directly to digital devices. Make sure you change your router’s default password and ensure it’s a secure password (not, for instance, ‘password123’).
Wherever you work it is likely to have people coming and going, and some will want to use your WiFi. If this is a regular occurrence at your business, create a guest network for these people. Treat giving them access to your work network as giving over the keys to your property; only when necessary and only for the specific period of time needed.
Although we’ve talked about changing passwords on your router, we would also recommend changing passwords on anything with a default password.
Having your device use the bare minimum it needs to function is the safest way to use the device. The less code on the device, the less likely it is to be exploited. For a mobile device this could mean removing unused apps; for something more complicated like a car’s digital dashboard or heating system, you may need to refer to the user manual to see what’s required and what’s surplus.
For accounts and devices that have it, make sure you enable two-factor authentication. This means that if someone tries to login to an account or service it will ask them to verify their legitimacy by another means. This is usually a text, but can also be an email or phone call. If you are a user who is allowed access it’s an easy step to add; if you’re a user who isn’t allowed access, it’s an incredibly hard hurdle to overcome.
If you enjoyed this briefing paper, check out our other digital resources which cover a wide range of topics, including quantum computing, social media, and 3D printing.
The Lancashire Cyber Foundry runs a series of business strategy and cyber workshops specifically designed for SMEs in Lancashire. We’re passionate about seeing Lancashire business become more cyber-aware and innovative and so offer funded places for companies to come and learn how to defend, innovate and grow their business. Additionally, we have an experienced technical team ready to help you with your business innovation ideas, particularly around cyber and digital innovation.
To find out more about how your business can access support or register on one of upcoming workshops, contact us:
Before starting at Lancaster University over four years ago, Geraint had worked in software development roles in IBM and the Civil Service. In addition to being a qualified teacher, Geraint has worked freelance with a varied client base as a software developer and graphic designer.
Get the latest updates on news and events from the Lancashire Cyber Foundry team.