Someone just bought your smart home. Did they get your data, too
That's one of the questions homebuyers and renters should be asking themselves now that connected devices like locks, lights and thermostats are growing more common, according to the Online Trust Alliance. The industry group joined up with the U.S. National Association of Realtors to compile a checklist for anyone moving in or out of a connected home.
Built-in Internet of Things gear can make a new residence like a gadget you'd buy from an electronics store, with the added complication that someone else configured and used it before you did. Access to connected-home devices can mean a view into intimate information about how someone lives, or how they lived before they moved out: Door locks and thermostats might record when you're home, lights note what rooms you spend your time in, and security cameras keep an eye on you.
That information may be stored in the cloud, where anyone with access to the account for that device can gain access to it. Even if they've logged out and moved on, the system may retain their privacy settings, which might not match your preferences.
Most consumers are used to setting up and shutting down devices, but those tasks are easy to forget when the equipment is just there in the background. OTA President and Executive Director Craig Spiezle said it even happened to him when his family moved out of their house.
"We had a connected thermostat, and I didn't even think about it until the new owner asked me a question about it," Spiezle said. "I realized I still had access to their thermostat."
There's a wide range of devices to be aware of when you move in to a smart home, including door locks, alarms, security cameras, garage-door openers, lighting systems, smoke detectors, and irrigation systems, as well as modems, gateways and hubs that tie them all together. Large appliances like refrigerators, washers and dryers also increasingly are connected.
Though less than 20 percent of U.S. homes have these kinds of things built in, adoption is growing from the high end of the market, according to research company Parks Associates. Parks estimates 32 percent of homes larger than 3,000 square feet (278 square meters) have at least one smart product.
The new checklist is designed to help consumers make sure they're ready to move, and the NAR will use it to inform its members so they can help their clients.
The first tip on the OTA checklist is to make an inventory of all the connected devices in the house, as well as all the manuals, websites and vendor contacts that go with them. Next, residents should review the privacy and data-sharing policies associated with those devices.
The next step is critical: Getting confirmation from whoever's moving out that they no longer have administrative or user access to any of the devices in the home.
Then the list recommends sending new ownership and contact information to manufacturers; changing usernames, passwords and access codes; and making sure all the devices have up-to-date software.
That last step could save you from a home-security disaster. Hackers who take advantage of a vulnerability on one device could find their way into everything else on the home network. While a house with that kind of security hole may be very connected, it's not a smart home at all.