• Because the internet of things market is relatively young, most smart home devices are vulnerable to security breaches.
  • At the moment, smart home security measures largely depend on the vigilance of the end-user.
  • Consumers should be advised to limit personal information stored in home automation gadgets.

By and large, smart home technology has arrived — including thermostats that can learn the preferred temperature settings of the family and energy-efficient lighting systems that produce a variety of ambiances.

In addition to convenience, home automation systems typically evoke a sense of security, which is especially important when you consider that 90 percent of consumers say security is among the main reasons to invest in smart home technology, according to icontrol.

It’s therefore no surprise that homeowners have already begun to outfit their abodes with Wi-Fi-enabled cameras and alarm systems. Plus, nearly 1 million homes in North America are equipped with a smart lock of some kind, and it doesn’t end there — the global smart lock industry is expected to reach 3.6 billion by the year 2019.

With all the growing interest surrounding smart home technology, it’s easy to assume that these products are impervious to security flaws. Unfortunately, that’s not entirely the case.

If you’re not familiar with the term, the internet of things (IoT) refers to the growing network of everyday devices and appliances (the coffee maker, slow cooker, HVAC, etc.) that use the internet to interact and store data. And like other online interactions, IoT gadgets are just as vulnerable to cyber-attacks and hackers.

Studies have highlighted serious security vulnerabilities in a multitude of home automation devices. Many gadgets have poor password policies while others aren’t equipped with sufficient security for their debugging interface, allowing easy access for hackers. With IoT still in its infancy, essentially any smart home device is more or less exposed to the elements.

The following are some crucial smart home security tips that every real estate agent should know and be able to relay to interested homebuyers.

1. Use a smart password strategy

Passwords are the first line of defense against cyber-attacks — whether it’s for internet routers, smartphones or home automation applications. For this reason, consumers should make sure their passwords are changed frequently (more than once a year).

Passwords should be long and unpredictable, preferably using a series of upper and lowercase letters, as well as numbers and special characters. Also, never use names, birthdays or addresses (and the ever-popular “password” or “1234567” are completely out of the question).

To assure they’re strong and varied, consider using a password generator. Programs like these can store passwords online (make sure they’re encrypted), allowing users to make each password unique and difficult to hack into without worrying about losing them.

To maximize password strategies, encourage clients to enable two-step authentication features. It might take a little longer to log in, but the extra time could help deter would-be hackers.

2. Review camera log history

Internet-enabled cameras and “nanny cams” are typically a hacker’s primary point of entry.

In November 2015, over 73,000 smart security cameras were hacked, and their images were unwittingly posted on the internet. The main issue? Users failed to change their passwords (remember that one?).

If tenacious hackers do manage to bypass authentication protocols, consumers should frequently check their camera logs. Many security cameras allow users to go over the history of IP addresses that have accessed the feed.

By regularly reviewing the logs, homeowners can ensure no one has infiltrated their smart cameras — whether it’s for spying purposes, leaking footage or both.

3. Use secure Wi-Fi networks

For starters, connected consumers should avoid using public Wi-Fi networks. Home automations that are connected to public Wi-Fi make it easy for hackers to procure sensitive data while no one’s the wiser. Always use a secure network or switch to a mobile data service before putting smart home technology to use.

Customers might also want to check the type of encryption that is being used by the router. Seeking devices that use Advanced Encryption Standard (AES) could help prevent hackers from discerning signals that are sent between devices and components.

Even when hackers are able to intercept the signals, they might have trouble decoding them.

In addition, setting up more than one network is never a bad idea. Segmenting smart home devices into separate networks can prevent a hacker from automatically gaining access to every device from a single security breach.

4. Choose a reputable brand

A company that’s newly tinkering with smart home technology might not be up to the task of addressing security risks. But developers that’ve been around long enough are more apt to know what makes an IoT product efficient and secure.

They’ve had time to build a reputation around their products, which has likely been vetted by consumers and possibly tested by security firms.

For instance, security intelligence companies Synack and Veracode have tested a variety of smart home products for security flaws, which resulted in a number of positive recommendations for name-brand smart home features.

It’s important to encourage consumers to focus on companies that are as committed to the security of their products as they are to their products. And of course it never hurts to inquire about the security measures the company has taken before making a purchase.

5. Be prepared for a possible cyber-attack

Even with the most airtight system in place, it would be rash to guarantee that security measures could never be compromised, and it’s important that users are prepared for the possibility.

Clients should be advised to limit any personal information stored in home automation devices to mitigate the damage inflicted by a potential security breach. And as mentioned before, all transferred data should be encrypted.

If a system has been hacked, immediately change passwords, contact credit card companies, banks and credit bureaus — and document everything. Once the extent of the cyber-attack has been determined, file a police report as an official record to help combat identity theft.

The convenience and freedom of IoT also comes with inherent security risks. Smart home technology is developing at a rapid rate, and it’s projected that the average family in 2022 will have over 500 home automation features, according to Gartner, a technology research firm.

As the ecosystem of IoT continues to evolve, security is quickly scaling the totem pole for both developers and public authorities. In the meantime, homebuying clients should always be made aware of potential threats and how to effectively respond to them as they continue to adopt this exciting new technology.

Arun Ganesan serves as Vice President and Chief Technology Officer at Esurance, where he’s responsible for data management, cyber security, business intelligence, infrastructure and operations.

Show Comments Hide Comments
Sign up for Inman’s Morning Headlines
What you need to know to start your day with all the latest industry developments
By submitting your email address, you agree to receive marketing emails from Inman.
Thank you for subscribing to Morning Headlines.
Back to top
Only 3 days left to register for Inman Connect Las Vegas before prices go up! Don't miss the premier event for real estate pros.Register Now ×
Limited Time Offer: Get 1 year of Inman Select for $199SUBSCRIBE×
Log in
If you created your account with Google or Facebook
Don't have an account?
Forgot your password?
No Problem

Simply enter the email address you used to create your account and click "Reset Password". You will receive additional instructions via email.

Forgot your username? If so please contact customer support at (510) 658-9252

Password Reset Confirmation

Password Reset Instructions have been sent to

Subscribe to The Weekender
Get the week's leading headlines delivered straight to your inbox.
Top headlines from around the real estate industry. Breaking news as it happens.
15 stories covering tech, special reports, video and opinion.
Unique features from hacker profiles to portal watch and video interviews.
Unique features from hacker profiles to portal watch and video interviews.
It looks like you’re already a Select Member!
To subscribe to exclusive newsletters, visit your email preferences in the account settings.
Up-to-the-minute news and interviews in your inbox, ticket discounts for Inman events and more
1-Step CheckoutPay with a credit card
By continuing, you agree to Inman’s Terms of Use and Privacy Policy.

You will be charged . Your subscription will automatically renew for on . For more details on our payment terms and how to cancel, click here.

Interested in a group subscription?
Finish setting up your subscription