Stacey on IoT | Internet of Things news and analysis

Internet of Things

  • Home
  • Analysis
  • Startups
  • How-To
  • News
  • Podcast
  • Events
  • About
  • Advertise
  • Speaking
    • Facebook
    • RSS
    • Twitter
    • YouTube

A few devices and services for securing your smart home

December 27, 2022 by Stacey Higginbotham 2 Comments

A few weeks back, I explained how I think about my risk model when it comes to cybersecurity in my smart home. Shortly after that piece was published, Comcast issued a report that showed how wrong many people were when it came to understanding which devices posed the largest threat to their home network security.

In my article, I recommended using an outside device or service to monitor your network, so I figured I’d share my experience with some of the options out there.

My array of smart home security devices include a Firewalla Purple, an Everything Set box, and sometimes a monthly subscription to the Eero Secure service. Image courtesy of S. Higginbotham.

I use a service or device to both monitor which devices are on my Wi-Fi network and assess traffic patterns. Many companies, such as Comcast and Eero, offer a security service on top of their internet service or router for a monthly fee. These security services let you track the devices on the network and will usually alert you to weird traffic patterns, such as when a connected dishwasher suddenly tries to send 100 times the usual data it uploads each night.

There are also physical devices that plug into your router that will monitor and alert you to traffic issues. I use a $399 device called the Firewalla Purple, which provides an incredible amount of customization and monitoring capabilities. The Firewalla doesn’t just look at traffic patterns, but at where traffic is heading and what type of traffic is traveling on the network. It also provides basic firewall and intrusion detection.

It’s powerful but can be somewhat intimidating, too. For example, I get a lot of notifications, including ones about ports that have been left open on a specific device or data that is hitting questionable services. The average human isn’t going to know what those messages mean, and might panic. Even I get overwhelmed by notifications. But if you’re willing to look up the alerts, you’ll learn some pretty awesome stuff and feel more capable of managing your network. You can also turn off notifications or limit the types of alerts you see. (Here’s a seven-and-a-half-minute video on managing alarms!)

Or you can install a device from a startup called Everything Set. I’ve run the device, which is currently in beta, on my network for about six weeks. Instead of freaking me out about abnormal uploads or notifying me when my kid’s MacBook is watching video, I just get a weekly report with a security score and some charts highlighting any devices that have shown higher-than-average use.

The first week, my security score was a 10 (even though I had open ports!), but it has since dropped to a 9.0. That is still apparently pretty good, but I don’t exactly know what has caused my score to drop. I did add a Eufy lock and an IKEA Dirigera hub during this time frame, so perhaps that’s it. The CEO of Everything Set told me that the company is working on sharing more information and an updated version of the software should launch early next year (this is a beta product).

I’ve also used Eero’s cheaper security plan, which is no longer available. If you want to get security through your Eero router, you now have to pay $9.99 a month for security as well as access to 1Password, a VPN service and parental controls, and an ad blocker. Without paying a cent, I do still get access to notifications when a new device joins my network and I can dig in on a specific device to see how much data it’s using.

Google Nest WiFi Pro gives you proactive network speed monitoring and optimization, guest networking, parental controls, automatic software updates, and adult content site blocking, for free. You can turn on Google’s SafeSearch to block adult sites, but you can’t block specific sites or even categories. It’s helpful, but not really robust enough to be a security service.

For Comcast’s 32 million broadband subscribers, if they pay for an Xfinity Gateway, they also get xFi Advanced Security, which helps monitor network traffic going into and out of the home, proactively flagging “odd” or malicious behavior. Comcast has been adding functionality to its modems for more than half a decade as the number of devices in the home has skyrocketed and the complexity of managing a home network has become more difficult.

Asad Haque, executive director with Comcast, said that the Gateway’s “advanced security capabilities are very helpful. Just like [a] deadbolt on a door provides security to what is behind that door, Gateway’s ability to guard [the] network protects what is behind that gateway.” He added that the next layer of security will be built into the connected devices in the home, touting the work that the Matter home interoperability protocol has done on this front.

“It is often too much for consumers to understand ‘DMZ’ architecture where untrusted/guest devices are segmented off, but that is a good practice as well,” he said. I am going to recommend you avoid doing that unless you have a really high risk profile. It’s very complicated and can break certain device capabilities when a user’s phone is on one network and the device is on the other.

And what about antivirus software? While it can protect users’ computers and phones both in and outside of the home, for those worried about their many connected devices that aren’t computers, even antivirus provider Bitdefender recommends some form of router-based service or standalone device. Bitdefender also provides its software to Netgear, which offers its own Armor-based security service tied to Netgear routers.

Shalini Sengupta, senior product line manager for Netgear Armor, said physical devices may not protect any devices outside of your home network (which is why antivirus software that does is useful on computers that leave the home network). As for buying a physical device or relying on your ISP or router maker, Sengupta thinks devices that come with a router or from the ISP are a bit more consumer friendly because security software on a home router automatically activates as you set up your router. And many of these services let you try the service in one-month increments so you can find out whether or not it actually helps.

The bottom line is if you want to set up a smart home, it’s probably worth considering your risk profile, as I wrote about two weeks ago. And if you don’t like the risk you’re taking, investigate an outside device or service. I think they are worth the cost in terms of peace of mind. Plus they usually offer many other functionalities, such as parental controls or ad blocking, that make them worth the added cost.

 

Updated: This story was updated on Dec. 31, 2022 to reflect that Eero Secure offers a subscription to 1Password not Last Pass. 

Want the latest IoT news and analysis? Get my newsletter in your inbox every Friday.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Filed Under: Featured, How-To Tagged With: Bitdefender, comcast, Eero, Everything Set, Firewalla, google

Sponsors



Become a sponsor

Subscribe to Blog via Email

Enter your email address to receive notifications of new posts by email.

Comments

  1. Matt says

    December 30, 2022 at 4:19 pm

    You mention with the security plan with eero secure you get last pass however that’s incorrect. You get a subscription to 1Password.

    Reply
    • Stacey Higginbotham says

      December 31, 2022 at 11:59 am

      Ugh. Last Pass was too much in the news. Thanks for the catch, and I updated the story.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

IoT Podcast

Listen to the latest episode of the Internet of Things Podcast. Just press play!

Sponsors

Become a sponsor







Get Stacey’s free weekly Internet of Things newsletter

  • This field is for validation purposes and should be left unchanged.

Recent Comments

  • Michael Rada on Podcast: Hacking sensors and securing medical devices
  • Jon Smirl on TP-Link Tapo Smart Plug with Matter: Simple and mostly smart
  • Lawrence K on TP-Link Tapo Smart Plug with Matter: Simple and mostly smart
  • Hugo on TP-Link Tapo Smart Plug with Matter: Simple and mostly smart

Stacey on Twitter

Tweets by gigastacey
Copyright © 2023 SKT Labs, LLC · Privacy Policy