We're filling our homes up with devices that keep track of what we do, what we look like, our schedules, what we say, what we watch, and how we sleep.
That means smart home security is of utmost importance. You're going to need to trust the devices you buy and - more importantly - the companies that are making them. While a lot of us would love to be great consumers and dive into hours of research and security reports, a lot of that stuff can be complicated to parse.
Not everyone has enough time to spend hours upon hours of research before making decisions. Thankfully, there are a couple of small things you can do that will increase your chance of protecting yourself.
It's important to note that these aren't full security measures. The only way to truly get the most secure devices is to go out, research them and purchase them. And even then, there are always loopholes and flaws that can be exploited.
Before you even think about buying a smart home device, make sure your router is fully secure. Your router is the gateway to your smart home, and if the gateway has a big hole in it that's a big problem for your smart home.
Once you've done that, it's time to look at devices.
Look at the brand
This is the first and most simple thing you can do when you're looking to buy a smart home device. While we love upstart smart home companies peddling their breakthrough new devices on Indiegogo and Kickstarter, these companies don't often have the resources to build iron-clad security.
And if they do, it's because they're looking to build a security-focused smart home device. The old Silicon Valley adage is that hardware is hard, and a lot of these companies are doing everything in their power to build working devices and build them at enough scale to satisfy crowdfunding backers.
If there's a massive security hole in their device or software, it would likely take them a while to reroute resources to patch it up.
The big tech brands like Nest, Amazon and Apple aren't necessarily immune from security flaws - far from it. However, these companies are much more well equipped to figure out how to fix it and how to fix it relatively quickly.
Plus, these companies sell so many devices that if, say, an Echo somehow started recording a couple's conversation and sent it to a random contact it would be a major story that Amazon would rush to correct relatively quickly. That's not as likely to happen with a smaller company, as scrappy and lovable as they may appear.
Stick to one ecosystem
Amazon. Apple. Google. Nest. SmartThings. There are a number of smart home platforms out there, and it can be hard to choose between them. You might prefer Google Assistant to Alexa. Or maybe you are fully into Apple's ecosystem, or you have a Samsung TV you'd love to fully incorporate into the rest of your home.
It can be very tempting to invest in a number of these ecosystems. Amazon Echo Dots and Google Minis are affordable enough that they can become impulse purchases after all, and then once you start trying out Philips Hue lights or Lifx lights and Ikea lights you find yourself in a mess of competing smart home products scattered throughout your home.
Resist the temptation. Invest in as few smart home ecosystems as possible. What you don't want to do is invest in a number of different systems, opening yourself up to more chances of a security loophole getting exploited.
The first thing you need to do is identify which assistant you'd like to hitch yourself to: Alexa, Google Assistant or Siri and HomeKit. Siri and HomeKit are likely the most secure options, as Apple famously requires more stringent software authentication to tap into HomeKit. HomeKit is also built to rely less on the internet than Alexa and Google Assistant, which means a slightly less chance of an exploit from afar.
However, HomeKit also doesn't have the device support that Alexa and Google Assistant have. It's a fairly sizable trade-off but one that is an unfortunate necessity of the smart home.
Similarly, you may want to stick to ecosystems in other areas as well. If you've gone all in on Philips Hue, there isn't much of a need to go buy Lifx stuff. If you're fully in on the Wemo smart plug and switch bandwagon, why turn to Lutron Caseta? You're introducing too many potential points of security failure.
Zigbee, Z-Wave and Hubs
Speaking of reducing potential points of failure, you're going to want to look on the box to see whether the device you has comes with some sort of built-in hubs. See, a lot of smart home devices nowadays require some sort of hub to work with other devices.
So if you've got Philips Hue, you're going to need a Philips Hue Hub to really get going. If you've got a Nest x Yale smart lock, you need a Nest Secure or Nest Connect to act as a hub for Works with Nest. Stuff like that.
If you can, what you should do is look at getting one smart device that can act as your smart home headquarters, doing a little of everything. For example, if you're looking to jump into Amazon's ecosystem then the Echo Plus is a good option.
Not only is it an Alexa-powered smart speaker, it's also a smart home hub that can pool together all the smart home devices that work with Zigbee. That means you don't need hubs for Zigbee-powered smart devices. You just connect them to your Echo, streamlining your operations.
You are relying on Amazon's security, and if there's a flaw or something like that you're entire system is at risk - but at least if something goes wrong you know where to turn to.
Check for a companion app
While we're looking at the box of your smart home device for clues, look for those familiar App Store and Google Play icons. That means that there's a companion app that you'll need to download to either setup or customize your smart home device.
That can be annoying, and you'll be tempted to never open that app ever again once you're screaming at Siri to turn off the lights, but you really need to. Companion apps are where all the security settings are, and you'll need to dig in to make sure all the settings are to your liking.
They will also ask for your permissions for a lot of things, like location and notifications, so you'll need to make sure everything is cool with you before you start using your device.
The most important part of a companion app, however, is that they're used to update the firmware of your smart devices. iOS and Android will receive over-the-air updates that include important security updates, but smart home devices won't download and update themselves.
You'll need to keep your companion app updated, and once you do that you'll sometimes be prompted to update your firmware to make sure any security flaws are patched up. Sometimes you won't even get an update, you'll get a little exclamation mark somewhere in the app. When you see that, make sure you update your firmware.
If you do those four things, you'll be well on your way to making sure you're buying the most secure smart home devices you possible can. There's an inherent risk in building a smart home, but it doesn't mean you can't take steps to mitigate it.