In my last post, I covered potential security flaws related to Smart Home technologies and alluded to potential solutions like Trend Micro’s Home Network Security offering, which addresses some of those concerns. While there are limits to physical security and solutions (e.g. a smart lock won’t stop a battering ram from popping your door open), software systems are constantly evolving and growing in complexity. Because of this, today’s security standard may be tomorrow’s vulnerability, and you should build your personal IT infrastructure (e.g. home WiFi, firewalls, parental controls, device management, etc.) keeping that in mind.
Adding Security to My Network
As an engineer in the IoT space, I often alternate between practicing good habits when using the internet, and being highly experimental (and sometimes risky) to learn and build new projects. Even within the Smart Home space, there are many products that allow for some degree of customization by tech-savvy users, and even platforms, like Samsung SmartThings.
The actual set-up process of the Home Network Security device was extremely straightforward:
- Plug into power
- Connect to network (via ethernet cable)
- Register device to account
After that, it’s just a matter of connecting different types of devices, seeing how they interact with the Home Network Security interface, and what type of information and control is given to users.
To test things out, I connected two devices to my WiFi network: my iPhone and an ESP32. One is a fairly common smartphone and the other is a niche device, an IoT development board that I use to gather sensor data. I was surprised to see both devices were immediately identified by their manufacturer information, and that I was notified when a new device joined my network.
More interestingly, it reveals a fair amount of information about the device, including MAC address, IP address, and more, and also allows users to kick individual devices off of the network. The immediate value is in being able to monitor and restrict local network access, whether that is a sneaky neighbor or a former guest.
But beyond that, it’s a good tool for detecting when unknown devices are added or gain access to your network without your knowledge or consent, which may happen if your smart home devices are compromised.
Diving a bit deeper, the Trend Micro device also provides security scans and monitoring for all sorts of attacks and vulnerabilities, similar to how an antivirus software or firewall might for your personal computer or laptop. It was even able to detect that I had never changed my router password from the factory default.
At a glance, the immediate value for IoT devices is clear – attacks on Things like Nest thermostats or Hue lightbulbs can range from minor nuisances to major inconveniences. But it also extends more broadly into the Internet of Personal Things (like smartphones or tablets) and the Internet of Developer Things, like microcontrollers or Raspberry PIs, which are rarely manufactured or programmed with security in mind. Having this additional layer of protection and monitoring ensures that developers and ordinary consumers alike can tinker freely without needing to worry.