My Future Home Security Plan

71708376_10156192672276386_8926544879933194240_n.jpg

I closed on my house a few days ago and have been hard at work painting, unpacking boxes, and beginning the initial steps of my security build. In this post, I will discuss my plans on increasing the house’s defenses, concerning both the physical and digital battlefield.

Physical Security

The first thing that had to be done was replacing the locks on both doors; as the front door didn’t even have a deadbolt and the one lock that was on it was quite loose, this action was mandatory. For the front door, I ended up buying a Kwikset SmartCode 909 Electronic Deadbolt, as it offered one-touch motorized locking, up to 8 programmable codes, a backlit keypad, and an alarm.

71035338_10156194043046386_9191462749127835648_n.jpg

After adding the new deadbolt, I replaced both the front and rear door locks with some high-quality stainless-steel sets. In the future, I plan on replacing the interior door in the garage with a smart deadbolt as well (mainly to make carrying groceries easier).

With physical security on the right path, I need to start thinking about how I will tackle the technology of the house with the goal of creating a smart-enabled home defense system. I have been dreaming of this build for many years now and want to have completely wireless, intelligent, and advanced hardware which will communicate with the entire house. I also want to be able to get instant notifications on my mobile phone.

Internet

To pave the way for the new home security build, I will need to ensure my internet is up to the task of handling live-stream video capture and 24/7 monitoring. As I am already a Cox customer, I decided to upgrade my plan to Cox Gigablast, which offers up to 940 Mbps download speeds and Cox Security Suite Plus. Today, I am picking up the new Gigablast-enabled hardware after work and can’t wait to see how fast the plan really is.

Interior Security

I have already purchased and reviewed a few products that help safeguard the interior of the home, such as the Lefun C2 720P Wireless Baby Monitor and Amazon Echo Dot. The Lefun Baby Monitor allows 24/7 video capture of our baby’s room, viewable from any mobile device. The Amazon Echo Dot can communicate with some of the other systems I will talk about later in this post and even has its own security feature, Alexa Guard. I plan on buying a few more Echo Dots in the future, placed in specific areas of the home.

Home Security Options

Although I figured I would build my own system, I went ahead and got some quotes from all-in-one security systems from companies like Cox and ADT.

Cox Homelife

With Cox Homelife, I could bundle my internet package with the security system and potentially save some money but would have a monthly fee as well as sign a lengthy contract. Since Cox is only available in a few states, I thought that in the event of having to relocate again for a career change, signing a contract for my home security would not be an option.

ADT

ADT is another possible candidate, but with three-year contracts and monthly fees, both Cox and ADT seem to be tailored to those who cannot set up their own system.

Ring

While there are several options for video-enabled smart security devices, the brand that really catches my eye is Ring. The first product I believe I will purchase is the Ring Doorbell 2, which will replace my current outdated doorbell with a smart camera; this device will be placed on the front door only, as the back door will always remain locked with its new hardware. However, I do believe I will place some form of a camera in the rear of the house, overlooking the deck and door. Speaking of the rear camera, I plan on adding a Ring Floodlight Camera over the garage door, which will be able to provide me a top-down view of my driveway; this same camera might be perfect for the rear door as well, as it will help illuminate the deck.

Ring devices will also work with my Amazon Alexa Dot, allowing the whole house to communicate with itself and send me instant notifications on my mobile devices.

70983837_10156192672896386_5247068838654115840_n.jpg

Things I’m Still Considering

Ideally, I would love to have a smart thermostat, smoke alarms, and carbon monoxide detectors. For the thermostat, I will have to wait until I upgrade the HVAC system, which will hopefully be soon. For the smoke and carbon monoxide alarms, I will have to do some research into some products that will help me in my goal of a complete smart home. I know with my Amazon Alexa Echo Dot, I can use the Alexa Guard mode to notify me of any alarms going off in the home, so I might be able to just keep my current detectors. I am also planning on purchasing a few smart plugs which will control various lights and devices around the house; if an alarm sounds or an intruder gains access, the lights will turn on and flash, as well as play a certain song or additional alarm.

The Build

I am currently planning on the following build but am actively researching other options.

  1. Kwikset SmartCode 909 Electronic DeadboltFront Door
  2. Kwikset Cameron Satin Nickel Smartkey Keyed Entry Door Knob(x2) Front and Rear Door
  3. Cox Gigablast w/ Cox Security Suite Plus
  4. Lefun C2 720P Wireless Baby Monitor (x2) Baby’s Room
  5. ESICOO Smart Plugs(x2) Will turn on various lights in the event of an alarm/intruder
  6. Amazon Echo Dot(x3) Main Hallway, Garage, Rear Kitchen
  7. Ring Doorbell 2Front Door
  8. Ring Floodlight Camera(x2) Above Garage, Rear Door

 How Will This Security System Work?

A great method one can use to plan out a home security system is to visualize what will happen if an intruder tries to gain access. It is important to note when every device will activate, how that will deter the intruder, and in what order everything will operate in. For example, with the above build, it would look something like this:

Front Door

  1. Intruder pulls into the driveway- *Ring Floodlight Camera activates light*
  2. Intruder is in driveway- *Ring Floodlight Camera records intruder with video camera*
  3. Intruder is in driveway- *Ring Floodlight Camera alerts me of intruder via interior alarm or phone notification*
  4. Intruder walks up to front door- *Ring Doorbell 2 alerts me of intruder via interior alarm or phone notification*
  5. Intruder attempts to force door open- *Kwikset SmartCode 909 Electronic Deadbolt and Kwikset Cameron Satin Nickel Smartkey Keyed Entry Door Knob prevent access*
  6. Intruder attempts to open door using keypad- *Kwikset SmartCode 909 Electronic Deadbolt prevents access by only allowing my passcode*
  7. Intruder further attempts to open door using keypad- *Kwikset SmartCode 909 Electronic Deadbolt emits an alarm after a certain number of attempts are made*
  8. Intruder somehow gains access: *Amazon Echo Dot in hallway hears the alarm, notifies me of intruder via interior alarm or phone notification*
  9. Intruder somehow gains access: *Amazon Echo Dot in hallway hears the alarm, communicates with ESICOO Smart Plugs to turn on interior lights and lay loud music (Star Wars The Imperial March will do)*
  10. Intruder gets into baby’s room: *Lefun C2 720P Wireless Baby Monitor captures video and audio, alerts me via phone notification*

As you can see, I would have been notified of the intruder as early as step 1, allowing me to call the proper authorities or handle the intruder myself.

71082192_10156192672526386_5529896158832361472_n.jpg

Back Door

  1. Intruder Walks to Back Door/Deck- *Ring Floodlight Camera activates light*
  2. Intruder is at Door/Deck-*Ring Floodlight Camera records intruder with video camera*
  3. Intruder is at Door/Deck- *Ring Floodlight Camera alerts me of intruder via interior alarm or phone notification*
  4. Intruder attempts to force door open-*Kwikset Cameron Satin Nickel Smartkey Keyed Entry Door Knob and existing deadbolt prevent access*
  5. Intruder somehow gains access: *Amazon Echo Dot in kitchen hears the alarm, notifies me of intruder via interior alarm or phone notification*
  6. Intruder somehow gains access: *Amazon Echo Dot in hallway hears the alarm, communicates with ESICOO Smart Plugs to turn on interior lights and lay loud music (Star Wars The Imperial March will do)*
  7. Intruder gets into baby’s room: *Lefun C2 720P Wireless Baby Monitor captures video and audio, alerts me via phone notification*

 Again, I would have been notified of the intruder as early as step 1, allowing me to call the proper authorities or handle the intruder myself.

Also, in both the Front Door and Back Door examples, each Amazon Echo Dot in the house would communicate with each other, creating a network of communication and safety.

Nobody Cares: Disabling ‘Facebook Live’ Video Notifications

 

If you are lucky enough to haven’t experienced getting spammed with ‘Facebook Live’ posts, only to see your ‘friends’ filming a concert which you can’t even hear due to poor audio, I envy you. While Facebook’s live video upload is definitely an impressive display of their technological prowess, the method in which it is utilized is often disappointing. Unlike a typical photo or shared post (in which you would only be notified if you were tagged in some way) ‘Facebook Live’ posts will inform you of the content regardless of any further involvement; this can lead to a seemingly endless number of useless alerts and notifications.

So, how can one disable ‘Facebook Live’ notifications? Similar to most common Facebook annoyances, eliminating them is a painless process (as long as you know where the setting is located).

DESKTOP
  1. While logged into Facebook, navigate to the top right-hand corner of the navigation bar, and click on the Arrow.
  2. From the drop-down menu, select Settings near the bottom of the list.
  3. Next, locate the Notification button on the left-hand column (the icon has a little Earth next to it).
  4. Scroll down until you see Video, and select it.
  5. Finally, simply toggle the Allow Notifications on Facebook selection off.
MOBILE DEVICE

Since the process for doing this on a mobile device is similar, I won’t bother you with pictures of each step.

  1. While logged into Facebook, tap on the Menu icon (three horizontal lines stacked together at the top right of your screen).
  2. Next, scroll down until you see Settings & Privacy, tap it, then select Settings.
  3. Scroll down until you see Notification Settings, and tap it.
  4. Scroll down until you see Video, and then select it.
  5. Finally, simply toggle the Allow Notifications on Facebook selection off.

In these five easy steps, you are now successfully blocked from receiving notifications from ‘Facebook Live’ posts of people singing in their car, spilling drinks at a bar, and the never-ending supply of cat videos. You can thank me later.

Domain Scams: A Chain is Only as Strong as Its Weakest Link (Pun Intended)

jj-ying-PDxYfXVlK2M-unsplash.jpg

In today’s world, pretty much every business has online customer interaction; due to this, cybercrime is rising, and phishing attacks are growing at a rapid pace in sophistication and usage. For this post, I am going to talk about domain name scams, primarily typosquatting, where an unaffiliated individual purchases a domain which is similar to a business’s, and then uses that domain to send its customers emails and notices.

Why does this occur? Well, creating and purchasing domain names is a relatively simple process with little-to-no governance involved. By obtaining a domain which is similar to one owned by a business, you can message their customer while appearing to be affiliated with their company and request payments or personal information. For example, say your company owns ‘www.randomcompany.com’ and someone purchases ‘www.randomcompany.co;’ as you can probably tell, the ‘m’ in .com is missing from the original address; however, for the unexpecting customer, they might not be so vigilant.

 

For a little background, there are several other variations of attacks that can be involved in a domain scam, besides the abovementioned typosquatting.

Domain Hijacking: occurs when somebody gains access to your domain registrar account details, thus gaining full control of all domain-based functions (changing/transferring domain name/DNS name servers, editing technical, personal, admin. details). When a domain is hijacked, attempting to reclaim ownership of it can be a lengthy process, especially when transferred to another registrar.

Domain Phishing: occurs via scam emails which route unsuspecting customers to fake websites posing as the original registrar’s sites. Within a phishing email, the attackers gain sensitive data such as banking information and personal details, which can then be utilized in identity theft.

Going back to our original issue, you have just woken up, checked your email, and unfortunately learned that a misspelled-version of your domain name is contacting your customers in hopes of obtaining a ‘missed payment.’ What can you do to stop the emails from happening, inform your customers of what to look out for, and most importantly, safeguard your domain to prevent any further attacks?

If your company has a legal team, they should be able to help you create your own plan of counterattack. Besides notifying your customers of the potential scam and adding a warning on your emails stating to only interact with it if the sender’s domain matches your own, legal actions should be taken immediately. While the effectiveness of contacting your/their registrars and informing them of the issue can vary, they might be able to put the domain on hold, preventing further re-sales/transfers; during this process, you will most likely be asked to authenticate your ownership of the account in question. For a list of approved Dispute Resolution Service Providers, check out ICANN.

How to Strengthen Your Domain Security

To prevent domain scams in the future, there are several methods to bolster your website’s defenses. Choosing the right domain registrar company is an excellent first step; be on the lookout for features such as two-factor authentication, DNS management, and 24/7 technical support.

If your registrar allows two-factor authentication (2FA), always enable it. 2FA ensures that even if an unauthorized individual has access to your domain’s username and password, they will have to get through a second layer of security to access your account (such as entering a code sent to your cellphone). Domain locking, while generally enabled by default by popular registrars, prevents unauthorized domain name transfers; this should always be on. ICANN WHOIS is a great tool to help reduce the amount of personal data you expose on the internet, including your (or your company’s) physical and email address, phone number, and other potentially sensitive information. Next, similar to all login credentials, your password’s sophistication and security practices need to be extensive and advanced. Passwords should have 8+ characters, avoid dictionary words, use a combination of numbers, symbols, lower/uppercase letters, as well as frequently changed. Furthermore, keep your domain’s contact details updated and not shared with anyone.

Final Word

A single case of a hacked or stolen domain can significantly impact your business in numerous ways, potentially leading to declining sales, lower customer trust, reduced SEO rankings, or even the total loss of a company. Your domain name and its security are just as crucial as your apps, content, and coding; spend the extra money on a reputable registrar, backup service, and purchase the common spelling variations of your domain; you won’t regret it.