Thing 6: Smart devices

When buying a smart device, it’s important to understand the product you are looking at. Check reviews about the product and manufacturer, search reputable news sources and ask people you know.

When you first buy a device, it might come with a password printed inside the manual or on a sticker stuck to the device. This is the default password.

Unfortunately, default passwords can be well known to cyber criminals where the manufacturer uses something simple (Username: admin and Password: admin) or uses the same credentials across all their devices – a common practice with some brands of security cameras.

It’s important to check whether your device has a default password and change it to something more secure if it does. Look in the product manual or visit the manufacturer website if you need help to do this.

Smart devices usually come with an app and/or website for you to manage them and use their features. Cyber criminals will be able to use your device just like you would if they are able to break into this account.

Create a strong and unique password for this just like you would with any other online account and setup two-factor authentication (2FA) if it’s an option.

Even if you can’t see it, your devices will have an operating system just like a computer or smartphone and it’s important to keep this updated. Otherwise newly discovered vulnerabilities with the device will not be fixed and this could offer cyber criminals a route into your home.

The National Cyber Security Centre (NCSC) recommend that you:

• switch on the option to install automatic updates (if available)
• install any manual updates when prompted
• make sure your device's operating system is up to date.

With some products it might not be clear what you need to do to update them. Check the product manual or manufacturer website for guidance about ‘software’ or ‘firmware’ updates.

If you don’t require all the features offered by your device then turn these off if you can. For example, a security camera might record audio alongside video but allow you disable this.

Nearly all home routers have features called UPnP and port forwarding. These features make it easy for your devices to find each other and allow internet access to devices on your home network. Games consoles like the Xbox and PlayStation require them for online gaming but the features can be a security risk especially when you have smart devices within your home. Login to your router and check both UPnP and port forwarding are disabled if you don’t absolutely need them.

Once you finish using a smart device you may wish to give it to someone else, sell it or dispose of it. Before you do this, reset your device to factory settings. This wipes settings you’ve applied since owning the device along with any personal information that might identify you.

Look for a ‘Reset to factory settings’ or ‘Reset to factory default’ option in your device settings. Also make sure no memory cards are left in the device as these could still contain data.

Increased adoption and reliance on smart devices is driving the development of a new suite of cyber security products aimed at consumers. Companies traditionally associated with anti-virus software are beginning to offer physical devices you plug into your home network to help secure it. Examples include the Bitdefender Box, F-Secure Sense and Norton Core.