Agnes Kirk
Securing your voice-activated smart speaker
Once considered a novelty, voice-activated smart speakers have become mainstream. An estimated 39 million people in the United States now have one in their home, and that number is growing.
As with any smart device in your life, there are risks to consider. For example, on the low-tech side of things, someone could potentially walk up to a front door — or a wall separating an apartment — and attempt to open the front door by yelling commands.
Security experts, by the way, advise not to link smart speakers to door locks, and to secure automated purchases with a passcode.
Research also has found it may be possible to transmit voice commands, not audible to human ears, using ultrasonic frequencies, according to a Symantec report, “A guide to the security of voice-activated smart speakers.”
As always, we advise securing your home Wi-Fi using WPA2 encryption and a strong password. This will help prevent hackers from gaining access to your network and changing settings on your smart speaker, or access other connected devices.
If you already have a smart speaker, or plan to purchase one, consider taking the following steps:
- Periodically erase sensitive recordings.
- Create a passcode for making purchases to prevent accidental or unauthorized purchases.
- If the device allows it, lock it to your voice pattern for added security.
- Do not use the smart speaker to store sensitive information, such as credit card numbers and passwords.
- Enable automatic updates to ensure the device has the latest patches. This will help keep the device secure.
- Take steps to secure your home network. You can read about how to do that at cybersecurity.wa.gov.
- If you decide to sell or dispose of a smart speaker, remove any personal information that may be stored on the device.
Sincerely,
Agnes Kirk, Washington State Chief Information Security Officer
Ph: 1.888.241.7597 or cybersecurity@ocs.wa.gov
