14. Use Case | SOHO Security

Chapter Objectives

  • 14-1 Describe a modern smart home environment.
  • 14-2 Outline best practices in security-by-design in home network design.
  • 14-3 Explain how automation is integrated into home networked environments.
  • 14-4 Demonstrate how to secure a home network by modifying default settings.
  • 14-5 Illustrate how to secure a home network through network segmentation.

Note: This chapter is in progress.

As you survey the broad array of devices and networks available in our modern communications infrastructures, you can apply that information to securing your own small office or home networks, or practice simulating a sample such network. The sections below provide some ideas in building security into SOHO network designs and infrastructures, and in investigating possible security breaches in a smart home network.

Build Your Own Smart Home Network

As you look at the physical equipment in your home, you may locate some smart devices, systems, and/or applications. How do you keep these secure when transmitting data?

Router Settings

First, take a look at your router. Most Internet Service Providers (ISPs) usually provide a router with Wi-Fi. Although there are many things to consider with securing your home network, two of the most important are enabling encryption, and having a unique password to access your router’s settings. Note, the password to access your router’s settings is likely (and should be) different from the password to join your Wi-Fi network.

Some routers come with an unique password configured by the ISP; however, some routers (as well as many other devices that connect to the Internet such as smart doorbells, cameras, etc.) come with a default password that is the same for every device the manufacturer makes. This password is listed in the device’s user manual, and the word “admin” is a common choice. If your device has a standard manufacturer’s password, you should change it. As this is a password that you will not use often, be sure to record the changed password in a logical and secure place. If you were given a user manual with your device, locate where in the documentation the default password is listed, and make a note there about your new password.

Smart Devices

With the advent of home automation, many more devices need to connect to our home network. Typically these “smart” devices work just like their regular counterparts (e.g. a smart light switch works like a regular light switch, you can physically press the switch to turn the light on or off), and they also have smart features (e.g. you can program the switch to turn lights on or off at certain times, or use your computing device to turn the light on or off). Here are some examples of smart devices, with some features that these devices may have:

  • Video Doorbells. Someone rings your doorbell, and you get a notification on your smartphone. You can see who is standing at your door, and talk to the person even if you aren’t home. These video doorbells can double as a security system, taking a picture of anyone who comes in range of the doorbell’s camera.
  • Smart Locks. Set codes for the keypad, so a key is no longer required. Create different codes for different people, and you can track who is unlocking the door, and when they do it. Want to remove someone’s access to your home, then just delete their access code. Worried you left home and forgot to lock the door – start the smart lock app on your phone and lock the door remotely. Do you forget to lock your door frequently – then set it to automatically lock after a certain time period has elapsed.
  • Smart TVs. Video streaming services such as Netflix provide on demand access to movies, documentaries, etc. A smart TV will have apps to access common streaming services, and also allow you to connect your phone or computer to the TV so you can view your photos or computer screen on the larger TV screen.
  • Smart Lighting. Smart wall light switches work like a normal light switch, but can be turned on or off using your computing device, and also can be programmed to automatically turn lights on or off at certain times of the day. Smart light bulbs are similar, but you leave the old light switch always turned on, and turn the smart bulb on and off through the app or a secondary switch.
  • Smart Thermostats. Do you like to cool your home down just before bed, and would like it to warm up just before you get up in the morning – then install a smart thermostat.
  • Smart Smoke Alarms. Battery low in your smoke detector – then get a message sent to your phone reminding you to change it. Did one of your smoke detectors go off – get a text message with the details.
  • Smart Appliances. Is your washer or dryer finished with your clothes – then get a text message reminding you to take out your clothes before they get wrinkled.
  • Smart Speakers (with microphones). Don’t want to use your phone or your watch to control your home automation, then give it a voice command instead. “Answer the phone” when it rings, or just to “Set the timer for 3 minutes” are just two of many possibilities.

Mass-Market Home Automation Ecosystems

Home automation has been around for many years; however, many early systems were often very expensive. With the introduction of the mass-market systems, home automation prices have dropped substantially.

Some of the more dominant companies with home automation ecosystems (and corresponding voice assistants) are:

  • Apple HomeKit (Siri)
  • Google Home Assistant (Hey Google)
  • Amazon Alexa (Alexa)
  • Ring Doorbell

These ecosystems have corresponding apps for your smartphone, as well as voice assistants. So if you have your bedroom light on a smart light switch, then to turn off the light you could either:

  • Go to the light switch and turn it off, or
  • Go to the app on your smartphone or smartwatch and turn off the light, or
  • Issue a voice command, e.g. “Siri, turn off the bedroom light”

When you purchase a smart device (such as a video doorbell, smart lock, etc.) remember to check which ecosystems it will work with. Some devices will work with all three of the systems listed above, others only work with one or two of those ecosystems.

Smart Home Security Settings

One of the conveniences of a smart home is that it can be set up to be accessed remotely (i.e. you don’t need to be in your home to control it). So if you are sitting down to dinner at a restaurant and then wonder if you remembered to lock your home’s front door, an app on your smartphone can be used to see if the door is unlocked, and if so, you can lock it without needing to leave your restaurant seat. This convenience (remote access), also means you want to give consideration to a number of things to keep your home automation system secure. Consider the following:

  • Change the Default Password. If any of your home automation devices come with a “default” password (one set at the factory and it’s the same password for every device), make sure you change this password.
  • Use a Variety of Strong Passwords. Don’t use the same password you use for all your accounts, and don’t use something that is easily guessed. You want to keep hackers out of your home automation devices (especially important if you have home automation cameras inside your house.
  • Keep Firmware Updated. For each of your smart devices, if you see on the corresponding app that a firmware update is available, be sure to install it, it may be an update that fixes a security vulnerability.
  • Consider a Second Wi-Fi Network. If your router allows you to set up two different Wi-Fi networks, consider setting one up for your computing devices (phone/tablet/computer), and a second network for all the home automation devices to connect to. Separating your home automation devices on a separate network from your computing devices will increase security.
  • Know Your Background Listening Settings: If you can give a command to your smart speaker, phone or tablet without pushing a button (to activate the voice assistant), then your device has been set up to always listen to what you say (this feature can also be turned off). When it is always listening, the device waits for you to say the activation word (e.g. the voice assistant name, such as Siri or Google or Alexa), and then the device assumes the next words you say will be some sort of command it can execute. If you want to test if this feature is enabled, try saying something like “Alexa, what time is it? Background listening can be considered a security issue as sometimes logs of everything that was said within the device’s listening range are kept for the purpose of increasing the accuracy of the voice recognition commands; however, there have been instances of law enforcement and intelligence agencies requesting access to specific people’s logs.

Adapted from: Current & Emerging Computing Technology by Don Bentley, licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.

definition

License

Icon for the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License

Telecommunications and Networking Copyright © by Rita Mitra; Glenn Brown; Melanie Huffman; and Hongyi Zhu is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License, except where otherwise noted.

Share This Book