How Independent Agents Can Help Smart Home Owners Minimize Privacy and Security Risks

  • PrintPinterestTumblrLinkedInFacebook
  • Closeup of digital tablet showing home control interface

    Not long ago, smart home devices seemed like the work of science fiction. Securing your home with connected monitoring products and having smart home devices that change the thermostat, monitor energy consumption and even order pizza would seem laughable.

    But it’s gradually becoming the norm. There were more than 45 million smart home devices installed in US homes as of late 2018, reports Michael Caccavale, CEO of marketing services provider Pluris. It’s interesting to note that only 12 to 15 percent of homes nationwide currently have smart devices, so the market is young with a tremendous growth potential.

    Smart home devices offer several benefits including convenience, lower energy bills and potential insurance savings, says the team at American Family Insurance. But they’re not without their flaws. Privacy and security are real issues homeowners should be aware of.

    Here are eight concerns your customers with smart home devices may have.


    Identity Theft

    A full 80 percent of devices are vulnerable to attacks, advises the team at tech innovation company Rambus. One of the most common threats is identity theft where hackers gain access to sensitive data that can be exploited. This is because smart home devices contain a lot of personal information.

    “Some 64 percent of people use connected devices daily, typically to access important personal information regarding health or smart-home appliances,” says tech writer Filip Truta. “At the same time, many smart device users are oblivious to how their data is shared across networks and devices, highlighting concerns about data security and privacy.”

    And it’s this lack of awareness that makes people so susceptible. In fact, 29 percent of device users don’t have a clue that data is shared across connected devices.

    IP camera on the shelf with toys, serving as a baby monitor

    Hackers Taking Control of a Device

    Device hijacking is a security attack where a hacker takes control of a device and its communication, explains tech writer Margaret Rouse. And this can create big problems because hackers can gain control and potentially infect other smart devices within a home.

    Rambus gives an example where the attacker compromises the security of a thermostat and then uses the information to gain access to the entire home network. Doing this allows them to change the security PIN code to remotely unlock a door.

    The problem, according to Computer Business Review, is that 100 percent of smart home devices contain vulnerabilities that make them susceptible to hijacking. Everything from motion detectors to video cameras to voice assistants are potential targets, which is something your customers need to know about.



    One particular privacy concern associated with smart home devices featuring cameras is spying. This is when someone hacks the device and is able to see and often listen to what’s happening.

    And it can be terrifying, writes Lulu Chang at Digital Trends. She gives the case of a young mother who discovered her baby monitor had been hacked and used to track her family’s activities. The device would move on its own and pan across the master bedroom, stopping at the bed, the baby’s bassinet and the spot where the young mom breastfed her son.

    And this isn’t an isolated incident. There have been multiple complaints of hackers using baby monitors to spy on families. One even involved a kidnapping threat where the hacker spoke to the parents through the device, says journalist Katie Utehs.

    This brings us to our next point.


    Learning Users’ Habits

    Gaining access to what’s happening inside a home means hackers can learn the user’s activities and habits. Depending on how many devices are in use, someone can follow children, as well as their parents, as they move from room to room, Dan Goodin at Ars Technica writes.

    Besides allowing access to a homeowner’s most private moments, the information gained could be used for a variety of nefarious motives with the most obvious being burglary. When an attacker knows when a house is empty and the family’s schedule, it makes it much easier to plan a break-in.

    Hacker man trying to breach security of a computer system search internet

    Denial-of-Service Attacks

    Rambus also discusses denial-of-service attacks. This is where a cyber criminal tries to deny availability to a machine or network by disrupting services to a host connected to the internet. Unfortunately, smart home devices provide the perfect framework for hackers to perpetrate DoS attacks.

    “This isn’t surprising, especially as a single compromised smart sensor on a network can infect similar devices running the same software,” explains Rambus. “These infected devices are then forced to join vast botnet armies that execute crippling distributed-denial-of-service (DDoS) attacks.”

    Tech journalist Lauren Barack gives the example of an attack in 2016 called BlueBourne, which cyber criminals hacked Amazon Echo and Google Home and spread through Bluetooth connections. As many as five billion products using Bluetooth were at risk and could be used to spread malware and steal sensitive information.



    Ransomware is a form of malware where an attacker takes over a device and denies access unless you pay them, explains cyber security writer, Josh Fruhlinger. It’s basically cyber extortion. While historically associated with computers, hackers can now use ransomware to lock people out of their smart home devices as well.

    This is becoming more common with the growing popularity of these devices, agrees tech writer Dan Sung. He notes the Mirai attacks, which usually target wireless routers and connected cameras. Meaning “the future” in Japanese, Mirai attacks go after a popular 32-bit processor installed in billions of IoT devices.

    This type of ransomware locks people out of their devices until they pay the cyber attackers to unlock them. Of course, it’s never guaranteed hackers will follow through with this promise.


    Cryptocurrency Mining

    Enterprise cyber security provider Trend Micro points to a growing trend where smart home devices are being taken over to mine cryptocurrency. Gaps in security like unsecured home routers serve as entry points for malware. Once the router is compromised, cyber criminals are then able to gain access to other devices and mine cryptocurrency, which uses considerable processing capabilities and can slow the devices to a crawl.

    The problem is homeowners may have no idea their devices have been compromised. The only clue they have may be a “slight performance lag” in the compromised device. And with the recent rally in most cryptocoin markets, cyber criminals might become more aggressive.


    Man-in-the-Middle Attacks

    Man-in-the-middle attacks occur when a hacker disrupts data traffic going from a device to a home network, explains the team at housing innovation site HIVE for Housing. For instance, a hacker could create fake temperature data from a home’s thermostat, which would prevent the AC unit from working during a heat wave. Man-in-the-middle attacks create major system vulnerabilities with the potential for serious consequences.

    Marketing analyst and strategist Christian Simko gives the example of smart fridge that was hacked, giving the attacker access to the linked email login information. With many people using the same password for multiple accounts, this can have a domino effect where a criminal gains access to all of those accounts with just one piece of information.

    Smart home interface with AR view of IOT objects interior

    How to Help Keep Your Customers Safe

    Many insurance customers are offered incentives to use smart home devices, says Daniel Wroclawski at Consumer Reports. In addition to lower premiums on homeowners and renters policies, customers can take advantage of price breaks on certain smart home security devices.

    So, it’s easy to see why many of your customers are keen to using these devices. But as an independent agent, it’s crucial that you do everything within your power to keep them safe from privacy and security threats.

    How do you do this?


    Have Customers Answer Key Questions

    There are two questions Zeljka Zorz at Help Net Security suggests asking those customers considering smart home devices: “‘Will the device improve the quality of my life/fill a need I have?’ and ‘Am I satisfied with the level of security and privacy the manufacturer provides users?’”

    Unless the answer is a clear “Yes” to both questions, it’s probably not in their best interest and may pose unnecessary risks.


    Educate Your Customers on Best Practices

    There are some critical best practices that should always be followed when using smart home devices. You can save your customers a lot of headaches by filling them in on what they are.

    Securing a smart home starts with protecting the router, says David Nield at Popular science. So, it’s vital that your customers choose their own password rather than use the one provided by the manufacturer. Ideally, it will be lengthy and switched out on a fairly consistent basis.

    Technology journalist Florence Ion recommends using a password manager like LastPass or 1Password to heighten password security. These help generate and complex passwords and manage them with ease.

    Downloading and installing updates as soon as they’re available is equally important, adds Nield. Developers are constantly releasing patches for security bugs, and staying current with updates helps keep devices protected.

    Multi-factor authentication is also a good practice, writes Lemuel Chico at Ezlo Smart Home. This makes it so users need two or more pieces of information such as a password and smart key to access a device, providing an added layer of protection.


    Addressing Customer Concerns

    Smart home technology offers an unprecedented level of comfort and convenience for modern consumers. Unfortunately, it also creates privacy and security issues. As an independent agent, it’s crucial to understand common threats and educate customers are how to secure their homes — especially if you’re the one suggesting they use smart home devices.

    You may also want to consider offering identity theft insurance to customers with connected devices in their homes. Nearly half (46 percent) of consumers indicate an interest in this type of coverage, according to identity and cyber protection professional Paige Schaffer.

    Following these tips should greatly minimize the risk level and allow your customers to enjoy their devices without having to constantly worry about threats.


    Images by: goodluz/©, vereenna/©, f8studio/©, nicoelnino/©