Skip to main content

Smart Homes security advice

As part of National Home Security Month, Neil Sinclair, the National Cyber Lead for the Police Digital Security Centre takes a look at Smart Homes. Neil was recognised in the latest edition of The Progress 1000: London's most influential people for his work in Technology & Cyber Security.

When you think of traditional home security, the first products that probably come to mind are burglar alarms, security lighting, CCTV and deadbolts. But security products have evolved to include smart security cameras, video doorbells, locks, plugs and bulbs to name but a few.

All smart security products are meant to give you more control over, and information about, the safety of your home. Smart security simply means that you can control the security product from any internet connected device. All are operated via associated apps, meaning you can protect your home from anywhere in the world, as long as you have an internet connection!

But from a security view point, these items are far from smart and introduce as many security issues as they appear to resolve. Many smart devices may be insecure when they are first switched on, so you'll need to take some quick steps to protect yourself.

  • If the device comes with a password that looks easily guessable (for example admin or 00000), change it

  • Easily guessable passwords can be cracked by cyber criminals, so make sure you choose a secure one. Advice on what makes a secure password can be found on the National Cyber Security Centre’s website https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0

Some smart locks even let you create ‘virtual keys’ so friends and family can enter the home when you’re not there and many cameras can be trained to recognise familiar faces and alert you to strangers. However, accessing your device like this can make it easier for other people online to access them without your permission, so make sure you have changed default passwords and enabled Two Factor Authentication (2FA) if available. 2FA provides a way of 'double checking' that you really are the person you are claiming to be, and makes it much harder for criminals to access your online accounts, even if they know your password.

You must also make sure your Wi-Fi router has a unique password as this is an easy access point for the cyber criminal to get on to your “home network.

When shopping for smart home security products, you should pay attention to product compatibility (can devices talk to each other?), ease of use, mobile app functionality and battery back-up features. If you are not sure how many devices you need, look out for ‘starter kits’ that are sometimes better value than buying individual devices.

As with your computers and smartphones, installing software updates promptly helps keep your devices secure. For each of your smart devices, you should:

  • switch on the option to install automatic updates (if available)

  • install any manual updates when prompted
  • make sure your device's operating system is up to date

Many apps and smart devices use what is known as “shadow IT”. This is where a device piggy-backs or shadows the capabilities of another enabled app. It is therefore important that you check the functionality that you permit. For example, do not accept “location tracking” where it is not necessary for your specific purpose; do not share your “contacts” to apps that aren’t specifically for your communications.

It is also important to remember that if you link your smart devices to Alexa or other ‘virtual assistants’, any voice can activate them, even from outside if they shout loud enough!