SkipToMainContent

Device Security

IoT device security: An ultimate guide for securing your new tech

November 8, 2021

’Tis the season to be jolly — and increasingly aware of Cyber Safety. This is especially true when it comes to our Internet of Things (IoT) devices and IoT device security. Because, just like us, cybercriminals are eager to embrace the most wonderful time of the year.

If you’re the type of techie who regularly receives IoT devices, such as smart watches, smart-home technology or plan to purchase, it’s important to know how to protect IoT devices when you're setting them up. That includes not only protection against viruses and assorted malware but also from prying eyes. 

This is all to say that everyone should practice heightened Cyber Safety over the holidays. Here, we’ve summed up the most anticipated tech gifts of the 2021 holiday season, common IoT security issues, as well as features to keep your information safe.

Top tech gifts and security tips for the holidays 

7 tips for how to protect IoT devices 

You might be wondering “How do you ensure security in IoT devices?” Understanding some of the built-in security features of these devices and cybersecurity best practices can help you keep your IoT devices secure.

1. Use complex passwords, patterns, and PINs

Whether your IoT device denotes it as a password, passcode, pattern, or PIN, these are your first line of defense to securing your IoT devices. Think of it like keys to a door — no lock has the same one. The same should go for your passwords across devices and accounts.

To ensure your password’s strength, use different characters, symbols, and capitalization patterns for each of your online accounts. And if you struggle with keeping track of the passwords, utilize your Password Manager included in your Norton 360 subscription, that will keep your passwords safe and organized for you.

2. Enable lock screens

If a password is the key to your door, a lock screen is the physical door. Leave it open and anyone can walk in. That’s why most IoT devices lock up when not in use and require you to sign in again to access them. To keep your devices protected, enable lock screens so people don’t have direct access to your information. 

3. Use voice command 

Voice command, or voice activation, has become almost standard on new IoT devices, including Siri on Apple products, Google Assistant on Android, and Amazon's Alexa. There are even refrigerators that can field your grocery list. It makes our busy lives easier to dictate our needs via voice command. And oftentimes these features have voice-recognition software enabled to only listen to their owners' voices. 

4. Set up two-factor authentication 

Two-factor authentication (2FA), or multi-factor authentication, is a second step in verifying your identity to log in to an IoT device or account. This may be in the form of security questions, verification codes sent via SMS or email, or maybe an additional PIN or password. Some 2FA types are even physical, in the form of hardware tokens like USB drives, and others types are biometric, using tools like facial recognition.

5. Make patching security issues routine 

Though most devices can fix security flaws using routine software updates, some IoT devices aren’t designed with this capability. This leaves some technology at a greater risk of being taken advantage of by lurking cybercriminals searching for vulnerable devices.

Consider visiting your device manufacturer’s website to manually search for downloadable security patches that can resolve bugs and security flaws. Patching devices with the latest security features can provide newly gifted devices with an extra layer of protection.

6. Consider segmenting networks

Most successful IoT attack incidents occur when a connected IoT device operates on a network containing sensitive and private user information. To ensure the security of your network and the devices connected to it, consider segmenting your internet network. This can be done by creating a guest network for your more vulnerable IoT devices examples, such as gaming consoles, smart speakers, and smart TVs.  

By segmenting your network, you can prevent compromised devices from gaining access to your primary network, which most likely hosts the information hackers are after. 

7. Be on top of your IoT network security 

As mentioned above, IoT attacks can oftentimes go unnoticed because there aren’t preset security features designed to alert users of suspicious activity. Because of this, hackers can sometimes go unseen for months on end, accessing information as it comes through your network.

To avoid this, keep your IoT network security top of mind by regularly checking for unapproved devices that have found their way onto your network. Taking the time to vet the network your IoT device is on can lessen the likelihood of your data falling into the wrong hands.

Are your passwords safe from cybercriminals?

Don’t make it easy for the criminals to break into your accounts. Auto-fill, store and protect your passwords, credit card information and other credentials online in an encrypted, cloud-based vault with Password Manager. With Norton 360 with LifeLock, get all-in-one protection for your devices, online privacy, and identity.


Don’t have one of our newest Norton 360 plans yet?
Click here to upgrade.


No one can prevent all cybercrime or identity theft. Not all products, services and features are available on all devices or operating systems. System requirement information on norton.com
§ Dark Web Monitoring in Norton 360 plans (without LifeLock) defaults to monitor your email address only. Log in to your account to enter more info for monitoring purposes. If you are a current LifeLock member, you can manage those settings in the LifeLock member portal.


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.