How to make your smart home more secure

Or: How not to get hacked.

Brett Putman for Engadget (Engadget)

Home is where the network is. Nowadays, modernizing a house means plugging in sensors, cameras, voice-activated hubs, smart lights and connected power sockets. But if your local network isn't secure, each new gadget represents a potential access point for hackers. With the incorrect implementation, those shiny new tools you bought to protect your home can actually make it more vulnerable.

"Your network -- your home network and your local network -- is kind of like your nervous system in your body; it's what connects everything together," said Nicholas White, founder of UnityTech Technology Integrators. "Obviously your protection needs to be on that."

White specializes in automating and securing high-net-worth homes, protecting the families of celebrities and professional athletes, and he charges anywhere between $20,000 and $300,000 per job. However, these are typically special gigs on giant properties, requiring a lot of equipment and creative installation solutions. For most folks, securing your smart home doesn't have to cost as much as (or more than) your actual house.

"A lot of the basic practices are pretty universal," White said. "When I say high-end, most folks start to think, 'Oh, this one particular product must cost a ton of money.' That's not necessarily the case."

A wall for your network


There's no better practice than establishing a solid, secure network for your IoT and security devices to communicate over. If you want ultimate security, that means setting up a firewall.

"Stopping anything coming in from your network, from your internet service provider, is your first gateway," White said. "We like to use a brand called SonicWall -- they have such advanced firewall and zero-day attack detection, the list goes on."

The SonicWall TZ350 costs over $400, making it one of the pricier acquisitions in your Home Security Start-Up Kit. It's worthwhile, if you're concerned about threats lurking deep in the digital darkness. White told a story about one UnityTech family that became clients only after hackers remotely accessed their smart TV's built-in camera, took a photo of them on the couch, and then harassed them with the image.

One of the benefits of the SonicWall TZ350 is its ability to work with your VPN, encrypting all data that passes through the home network. This is the only way to encrypt data from most IoT devices.

"It's fairly expensive just for the networking side of it, but we'll put that device between our modem, which is the internet coming in, and in between the actual network where everything else is actually sitting," he said. "So it's kind of like this big Jurassic Park gate that's in front of the network and that provides a ton of protection, at least from hackers that are not close to your home."

Buy SonicWall TZ350 at Amazon - $478

The dos and don’ts of wireless


After laying a pristine firewall foundation, the next layer of modern home security is all about wires. Wireless devices are vulnerable to incursions like the 2017 Krack attack that affected essentially every WiFi-connected smart home gadget in the wild, taking advantage of a bug in the WPA2 encryption protocol. In cases like these, some of the most vulnerable in-home security tools are the ones that can see you: cameras.

Many mainstream home-security cameras operate via WiFi, largely because the installation process is a lot less intense when there's no Ethernet cable involved. But if you're in the market for the most secure way to monitor your house and not simply the easiest to set up, look for a wired model like the $200 Lorex Ultra HD resolution IP audio camera.

Buy Lorex 4K Cam at Lorex - $200


Regardless of your commitment to wired products, chances are you're going to end up with a handful of security and automated-home devices on the same network at some point. The best way to prepare for this eventuality is to get all of your gadgets on the same communication protocol (think: Z-Wave, Zigbee or dual-channel gadgets). Then, once you've decided on that, you want to keep everything organized with a central operating system like the $175 Wink 2 Z-Wave Plus Smart Hub. The Hub lets you see and control all of your smart devices from one app, ensuring you're not overloading your network or leaving any digital doors wide open.

A common mistake that White encounters as IoT devices become more prevalent in homes is network crowding, which leaves people with slow connections and broken gadgets.

"It's not threats, it's just performance," he said. "Because you're going to make an investment and want it to work when it's supposed to work and not cause issues. People that live in apartments or townhomes that have all these Ring doorbells, they just can't figure out why they won't work." Turns out, it's the result of a busy network.

Buy Wink 2 Hub at Amazon - $175

Physical protections


Once your home's communication pathways are secure, it's time to get started on the physical world. To that end, White recommends a smart lock like the $160 Yale Assure, which functions with Z-Wave, Zigbee and most smart devices. Smart locks offer layers of security that deadbolts alone can't achieve, such as the ability to remotely monitor activity at your door and control the whole mechanism with an app. Plus, no one can steal your house keys if they were never cut to begin with.

Of course, when it comes to digital home security in a world filled with connected microphones and cameras, there's no replacement for old-fashioned espionage (or high school gossip) tactics.

"You've got to have a sensitive conversation?" White asked. "Put all your phones outside or walk outside or find a room where you're not going to be obviously heard."

Buy Yale Assure Lock on Amazon - $160