Login

Educating Customers About Home IoT Network Security

Telecommunications Companies Can Elevate Their Role from Vendor to Trusted Advisor

[the_ad_placement id="news-telecom-top"]

The News:

The advent of smart hubs, wireless routers, and a plethora of consumer-grade internet-controllable devices has created a dangerous situation for both customers and telecommunications companies. Many of the Internet of Things (IoT) devices connected to home networks are equipped with little or no network security controls, leaving the users, their home networks, and even the broader internet community vulnerable to attack. Identifying the types of devices and security protocols that are particularly vulnerable, telecommunications providers can educate their customers on these dangers, strengthen the security around their network endpoints, and even generate incremental revenue through the sale of network-safe devices. Most importantly, they can improve their users’ overall customer experience, and elevate their role from vendor to trusted advisor.

Educating Customers About Home IoT Network Security

Analyst Take:

Most IoT devices shipped from the factory are inherently vulnerable to attack, and as a greater number of novelty devices include IoT connectivity, consumers must take the proper steps to secure these devices and their networks, to protect themselves and other users from malware, viruses, and other security intrusions.

Indeed, hackers can utilize techniques known as sniffing and encryption cracking to intrude into a home network. With sniffing, hackers hijack any packet of data transmitted between an IoT device and a router, transfer it onto their device, and use brute force to decipher it, often in only seconds or minutes. This can lead to hackers remotely controlling smart lights and thermostats, smart TVs, and other appliances, unlocking IoT-enabled exterior doors and garage doors, and remotely turning on and accessing video from smart cameras. Further, if these IoT devices are connected to the same internal home network as laptops or computers, it may be possible to intercept and steal sensitive data, such as personal data, financial information, and anything else stored on the network if secondary security measures have not been deployed.

Personal Data Can Be at Risk on Home IoT Networks

Data that is stored on devices connected to an unsecured or vulnerable home IoT network can be at risk of being stolen, and then used for identity theft and fraudulent transactions. In addition, smart devices that contain personal data, including seemingly innocuous devices such as servers containing music or photos, can also contain data that provides a physical trail of users’ whereabouts, thanks to geolocation data and purchasing data. Savvy hackers can identify behavior patterns or correlate this data with other personal information to create a virtual profile of an individual, which may leave the user vulnerable to not only digital crimes, but physical ones as well (such as ascertaining when the user is away from home, leaving them vulnerable to a burglary).

Relinquishing Device Control to Hackers

Smart devices without the adequate security controls enabled can also be hijacked, surrendering control to an attacker, letting them manipulate the device and spoof the communication between two ends, which could also result in control over the entire home network. In addition to nuisance issues (such as turning up a thermostat too high), an attacker could unlock connected doors, shut off security cameras, or even potentially disable connected alarms.

Identifying the Risks with Connected Devices and Unsecured Networks

Two major flaws in connected homes make them susceptible to these attacks, including weak IoT-enabled devices and unsecured and vulnerable local networks. Smart home devices can be particularly vulnerable to attacks because they are special-purpose devices, and many of these vendors fail to provide the required special-purpose security solutions. In addition, these devices often use operating systems such as INTEGRITY, Contiki, FreeRTOS, and VxWorks, whose security solutions are neither as robust as those of Windows or Linux-based systems, nor can security defenses be updated to manage the evolving cyberattack techniques and tools.

Similarly, many users implement local home networks without implementation of the proper security protocols. Wi-Fi networks can be vulnerable to attack due to the use of default or weak SSIDs, the use of default or simple passwords, and weak encryption protocols. Failing to update credentials from the default settings is the digital equivalent of leaving a home’s front door wide open with a sign that says, “Help yourself to everything inside.”

Whenever possible, users should use Wi-Fi Protected Access (WPA) security protocol, or WPA2, the second-generation of the protocol, to connect devices to the router. WPA and WPA 2 are more secure than the weaker Wired Equivalent Privacy (WEP) protocol often set as the default protocol on many devices. If the devices a user wants to connect do not support WPA or WPA2, they should not be used, or should only be connected to a wireless network that is not linked to a network that is connected to IoT-connected computers, doors, lights, thermostats, or appliances.

Users should also enable two-factor authentication, where a device requires an additional verification via a mobile or authenticator app, which significantly reduces the ability of hackers to manipulate devices. Firewalls can be used to segment non-critical IoT devices from critical ones, and let the user manage the security level of individual connected devices. Firewalls can also be configured to send notifications to the host when any anomalies in the network or devices are detected.

Finally, it is important to periodically check and update the firmware of routers and IoT devices to ensure the latest security protocols are active.

Telecommunications Service Providers Should Take the Lead with IoT Device Education

As telecommunications providers often provide the hubs or routers used to connect these devices in the home, they are in a unique position to serve as a trusted authority on IoT home security. They can provide education around the devices to watch out for (largely novelty items such as string lights, or inexpensive gadgets or appliances that do not include on-device security protocols).

Telecommunications companies can also provide explainer tutorials on how to set up and configure their home networks to be as secure as possible, and should also provide a way for customers to easily get help from a virtual assistant or live technical support representative if they have an issue or additional questions. Finally, communications services companies can potentially add incremental revenue through the sale of vetted IoT devices that employ the proper security controls.

These final two steps are opportunities to not only help secure the homeowner’s network (and prevent intrusions that could, in theory, help spread malware and viruses around the web as a whole), but also improve engagement with customers and demonstrate that the telecommunications provider is a trusted advisor and resource.

Author Information

Keith has over 25 years of experience in research, marketing, and consulting-based fields.

He has authored in-depth reports and market forecast studies covering artificial intelligence, biometrics, data analytics, robotics, high performance computing, and quantum computing, with a specific focus on the use of these technologies within large enterprise organizations and SMBs. He has also established strong working relationships with the international technology vendor community and is a frequent speaker at industry conferences and events.

In his career as a financial and technology journalist he has written for national and trade publications, including BusinessWeek, CNBC.com, Investment Dealers’ Digest, The Red Herring, The Communications of the ACM, and Mobile Computing & Communications, among others.

He is a member of the Association of Independent Information Professionals (AIIP).

Keith holds dual Bachelor of Arts degrees in Magazine Journalism and Sociology from Syracuse University.

SHARE:

[the_ad_group id="12540"]
[the_ad_placement id="news-telecom-sidebar"]

Latest Insights:

Altimeter and ARK Lead $100M Round in Hammerspace to Strengthen AI Infrastructure Performance
Brad Shimmin
Brad Shimmin

Altimeter and ARK Lead $100M Round in Hammerspace to Strengthen AI Infrastructure Performance

Brad Shimmin, VP and Practice Lead at The Futurum Group, examines why investors behind NVIDIA and Meta are backing Hammerspace to remove AI data bottlenecks and improve performance at scale.
Will Tableau’s New Enhancements Drive Use of Agentic AI Across the Enterprise
Brad Shimmin
Brad Shimmin & Keith Kirkpatrick

Will Tableau’s New Enhancements Drive Use of Agentic AI Across the Enterprise?

Looking Beyond the Dashboard: Tableau Bets Big on AI Grounded in Semantic Data to Define Its Next Chapter
Futurum analysts Brad Shimmin and Keith Kirkpatrick cover the latest developments from Tableau Conference, focused on the new AI and data-management enhancements to the visualization platform.
Partnering For Success: Field Alignment, Earnings, and Readiness with Google Cloud- Six Five On the Road
Tiffani Bova
Tiffani Bova

Partnering For Success: Field Alignment, Earnings, and Readiness with Google Cloud- Six Five On the Road

Colleen Kapase, VP at Google Cloud, joins Tiffani Bova to share insights on enhancing partner opportunities and harnessing AI for growth.

Latest Research:

Secure Data Infrastructure in a Post-Quantum Cryptographic World
Dr. Bob Sutor
Krista Case
Dr. Bob Sutor & Krista Case

Secure Data Infrastructure in a Post-Quantum Cryptographic World

In our latest Research Brief, Secure Data Infrastructure in a Post-Quantum Cryptographic World, created in partnership with NetApp, The Futurum Group explores the quantum cybersecurity threat and offers a roadmap to protect enterprise infrastructure through Post-Quantum Cryptography, crypto-agility, and proactive data security strategies.
Unlocking the Total Economic Value of Smartsheet
Donald Jin - Research Director, Business Economic Value
Keith Kirkpatrick & Donald Jin

Unlocking the Total Economic Value of Smartsheet

In our latest report, Unlocking the Total Economic Value of Smartsheet, completed in partnership with Smartsheet, The Futurum Group quantifies the platform’s financial and operational impact, revealing how Smartsheet helps organizations accelerate decision-making, streamline workflows, and realize a 601% ROI in just three years.
Securing the Software Supply Chain: A C-Suite Imperative
Mitch Ashley
Mitch Ashley & Daniel Newman

Securing the Software Supply Chain: A C-Suite Imperative

In our latest Research Report, Securing Your Software Supply Chain: A Boardroom and C-Suite Imperative, completed in partnership with Sonatype, The Futurum Group examines how the software security conversation is shifting from technical teams to the boardroom. The report provides practical guidance on compliance, risk management, and technology investments needed to secure software across modern enterprises.
Become a Client

The Futurum Group

(833) 722-5337

501 West Ave., Suite 2102
Austin TX 78701

Linkedin Youtube Facebook

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence
Login to Futurum Labs Research Library

Book a Demo

Thank you, we received your request, a member of our team will be in contact with you.