7 Deadly Sins of Home Networking: How to Stay Cyber Secure
As residential technologies become more scrutinized over their potential liability to hacking threats, security and smart home installers can provide customers a safety net. Here’s how.
Home networks are the engine that drives the smart home, and in turn your residential customers’ security, automation, A/V, lighting, HVAC and other subsystems. So if the network is not designed and installed correctly, the smart home likely will not function properly — you won’t look so smart and your client certainly will not be happy.
Unfortunately, there are some common mistakes security dealers make when building home networks for their residential customers. To avoid those potential errors, the Consumer Technology Association (CTA) developed the Connected Home Security System (see next page) to help dealers securely install connected devices.
As part of the initiative CTA created the Connected Home Security Online Tool, a four-page downloadable PDF checklist and scoring tool accessible on any smartphone or tablet, spans topics from basic password management to VPNs, VLANs and more.
It also gives smart home pros a way to describe to homeowners what issues can occur and why they may want assistance managing their network.
“We set up the network in every project we do. It is a standard protocol for every network we do to include some basic element of cybersecurity. We explain to customers why they need to be wary and need to have security on their home networks, especially with smart home devices today,” says Dan Fulmer, president of Fultech Solutions in Jacksonville, Fla., and CTA TechHome Division board member who helped develop the association’s home networking best practices.
“We can lock down the network, but there is no guarantee that little Johnny isn’t going to come home one day and plug in a gaming system that opens up more holes in the network than the client is even aware of,” Fulmer adds. “We try to give [our clients] the facts so they can have a general awareness and make better decisions, then we want to be the experts behind that decision.”
Following Proper Protocol
At Fultech sales discussions start with clients by talking about the home network. In the past, Fultch led with the alarm system. The good news is that Fulmer says he has not seen any customers shy away from wanting smart home technology because they are afraid of being hacked.
A scarier proposition for security dealers is insuring against something bad that might happen because their clients’ home networks fail. Fulmer and Bjorn Jensen, owner of networking consulting company WhyReboot, provided SSI the following seven pitfalls security dealers should avoid when designing and installing home networks.
1. Poor Documentation
“This is the No. 1 thing I see people make mistakes with,” says Jensen. “The first mistake is not having any at all; no design, no documents for the techs to follow, etc. Then, if someone does have documentation, a lot of times the techs onsite won’t follow it, or will make changes on the fly. This creates the next biggest issue, which is that the documentation is not updated as changes are made,” he says. “This leads to the inevitable problem that arises two months later, or two years later, when someone tries to troubleshoot the network and now billable time is wasted trying to reverse engineer something when simple updates to documentation could have saved time and frustration for all.”
2. Wireless Access Point Misplacement
According to Fulmer, sometimes dealers choose to locate the wireless access point based simply on where they can mount it easily. This can introduce issues into the system. “They usually stick it wherever is the easiest, which sometimes is in the integration panel or simply drilling a hole through the wall in the room that is closest to the cable line outside the house. That is going to be very limiting on the access point’s range,” he notes.
Likewise, placing access points too closely can create crosstalk. “We’ve fixed some jobs where the home has 15 access points. The devices begin bleeding into each other and just bounce back and forth. It hurts the signal of nearby access points, so you are actually reducing coverage,” adds Fulmer.
3. Not Using Strong Passwords
“Use strong passwords for all network gear, including devices on the network such as camera systems. This should be a no-brainer,” says Jensen. “It’s apparently not, because I see this all too often. I cannot stress the importance of doing this upfront.” He continues, “Aside from many other potential breaches, I have seen some scenarios play out that could have easily been avoided had the simple step been made to lock gear down. For example, whoever sets up the NVR doesn’t set a password on it and leaves it default. Another tech is sent out and asked to forward ports to the NVR but he doesn’t even realize the default password is still in place. He has the network tech forward ports and now that thing is open to the world. There are literally websites that crawl the net looking for open ports and default passwords just to serve these devices up to the world, already opened, already connected.”
Fulmer agrees. “Not changing the default password is the biggest thing. The Consumer Technology Association and other organizations are working with manufacturers to try to get changing the default password a voluntary thing.” California recently passed a law that beginning in 2020 devices with remote access capability must either have a password that is unique to the device, or require the password to be changed on first use.
“The problem often lies with small IoT manufacturers. So many consumers who do not use an integrator buy an off-the-shelf IoT device, plug it in and install it on their own. Instead of having another password to remember, they just leave the default because it is simple. That leaves holes in their home network,” Fulmer adds. “You should change the user name and password on any device you buy.”
4. Skipping Power Protection
“We all know how electronics can age very quickly when hit by poor power, and network gear is no exception,” says Jensen. “Whether it’s your modem, router, switch or any other part of the core network, you should always have these devices on surge protection, at the very least.”
He adds, “Ideally you could get surge elimination as well as backup battery protection, but if you have nothing except the devices plugged into the wall, you’re doing it wrong and you’re going to pay for it. This will cause preventable truck rolls and ultimately frustration from the end client. Network gear can be finicky at times and poor power can also create ghosts that you could avoid otherwise had you installed reliable power.”
5. Bad Wiring
“Poor wiring can cause you to lose your mind. Do it right the first time,” Jensen emphasizes. “Make sure the technicians know how to properly terminate cables and test each cable when done. Don’t just use a continuity tester, or even one that just tells you if the pairs are correct. The cable may pass but it doesn’t mean it can pass data correctly, or at the speed you’re designing for. You really want to use a validation tool to ensure the cables are right. Otherwise you could end up spending more time in troubleshooting down the road.”
Using that validation tool is especially necessary when doing a retrofit, according to Jensen. “You don’t know what’s behind those walls. Maybe someone put a nasty splice halfway down the line, maybe two. Ideally you could replace all wires with your own, but I know that’s not always possible.”
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!