CyberSmarts for Seniors: Detailed Guide to Smart Home Security and Secure Communications

Admin Admin
CyberSmarts for Seniors: Detailed Guide to Smart Home Security and Secure Communications

Smart home devices and messaging apps have made life genuinely more convenient, but they quietly collect more information about you than most people realize. Let us look at exactly where the risks are and what to do about them. The fixes are mostly one-time adjustments; after that, a brief monthly check keeps everything under control.

(A quick guide with the key points from this resource can also be downloaded as a PDF so you can read it anytime, even if you are offline.  Click here to download your copy.)

The goal of this article is to help you understand and actively manage the security and privacy settings of smart home devices and communication platforms. Ongoing vigilance is normal and expected in digital security.

I. Smart Home Device Security

Your smart speaker or video doorbell shipped with settings designed to make setup easy for the manufacturer, not to protect your privacy. That means the moment you plug one in, it is already sharing more than you might want. The good news is that every device covered here gives you meaningful control once you know where to find it.

Key Principle: Smart devices are essentially computers with cameras; they require the same security attention as your laptop. Note that default settings prioritize convenience over privacy.

A. Smart Assistant Privacy Deep Dive (e.g., Alexa, Google Assistant)

Amazon, Google, and Apple each store recordings of what you say to their assistants, and those recordings can sit on company servers for months or years unless you actively delete them. Each platform hides these controls in different places, and they move them regularly. The walkthrough below takes you directly to the right settings on each platform.

Finding specific settings can be challenging because operating system (OS) versions vary, and settings locations often change.

Platform

Access Method and Security Steps

Key Privacy Alerts

Amazon Alexa

1. Navigate to the Amazon app: More tab → Settings → Alexa Privacy → Review Voice History. 2. Demonstrate deletion (e.g., delete last week's recordings). 3. Review connected skills.

Amazon records everything after the wake word until the blue light stops. Even if you delete recordings, Amazon may keep transcripts for machine learning. Skills can access more data than you might expect, requiring individual review.

Google Assistant

1. Access is through your main Google account settings. 2. Navigate to myactivity.google.com to view comprehensive data collection. 3. Demonstrate filtering to see exactly what Google heard. 4. Set auto-delete settings (three months is a good compromise between convenience and privacy).

Google’s system provides a comprehensive view of data collection tied to your main Google account.

Apple Siri

1. iPhone settings: Settings → Siri & Search. 2. HomePod settings are found in the Home app, not the main Settings menu.

Apple processes more locally, but still collects data.

B. Smart Doorbell and Camera Security

A doorbell camera does more than record your front porch; it creates a continuous log of everyone who comes and goes, stored either in the cloud or on a device in your home. Without the right settings in place, that footage may be accessible to more people than just you. Two specific settings make the biggest difference, and both take less than five minutes to configure.

For any device that monitors your home, setting up two-factor authentication is non-negotiable.

Essential Security Practice

Details and Rationale

Account Configuration

Navigate to the privacy and security sections of the app. Review sharing permissions and be very careful about who has access to your camera feeds.

Motion Zones

Display or configure motion zones in the app to avoid recording your neighbours' property.

AI Training Opt-Out

Your camera footage may be used to train AI; you can usually opt out of this feature.

Advanced Concerns

Ask about data access policies (is the company watching?) and discuss encryption and strong passwords (can hackers access?). You can often show privacy mode scheduling.

Network & Storage

Consider the benefits of local storage (DVR systems) versus cloud storage. Your doorbell does not need to communicate with your laptop (use network isolation).

Audits

Check who has viewed your cameras monthly.

II. Secure Home Network Configuration

Your home network is the foundation of smart device security. Yet many people set up their router (the most crucial part of their home network) once and never look at it again. 

A. Advanced Router Security

Here's what's important to know: Your router is the device that brings internet into your home and shares it with every phone, computer, tablet, and smart device you own. Your router provides access to and therefore control of everything connected to your home network.

So a weak password or outdated software on that one device puts every other device at risk. You need to make sure you are the only one who can get into your router. To do so, you need to get into your router's settings. This is simpler than it sounds, and the address you need is likely printed on the device itself. 

Here's how to secure your router:

Step 1: Get Into Your Router's Settings

Look at the physical router sitting in your home. On a sticker on the back or bottom, you will find a web address and a default username and password. Here is what to do:

  • Open any web browser (eg Chrome, Safari, Firefox, or Edge) on a computer or phone on your home network.
  • Find the address bar and type in the address from your router's sticker. It usually looks like 192.168.1.1.
  • Press Enter. A login screen will appear.
  • Enter the username and password printed on the sticker. Common defaults are admin for both fields.
  • If the sticker details do not work, search online for your router's brand name followed by "default admin password." For example: "Netgear default admin password."

Step 2: Change the Default Admin Password Immediately

This is the single most important step in this guide. Factory passwords are publicly known; anyone can look them up. Once logged in, find the password settings and change them now.

  • Look for a menu called "Administration," "Settings," "Security," or "System."
  • Inside that menu, find the option to change the admin password.
  • Choose a password that is at least eight characters long, mixes letters, numbers, and at least one symbol such as ! or #.
  • Do not use your address, birthday, or anything easy to guess.
  • Write the new password down and keep it in a notebook at home. 

Step 3: Review Which Devices Are Connected

Your router keeps a list of every device using your network. Think of it as a guest list; you should be able to account for everyone on it.

  • Look for a menu called "Connected Devices," "Device List," or "DHCP Clients."
  • Go through the list and confirm you recognize each entry. You may see names like "John's iPhone" or "Samsung TV."
  • Make a note of anything completely unrecognizable.
  • If you cannot account for a device, your router's settings will have an option to block or remove it.
  • When in doubt, call your internet provider and ask them to help you identify it.

Step 4: Set Up a Guest Network for Smart Devices

Most modern routers let you run two separate networks at once. Keep your personal devices on your main network and put all smart home gadgets on a separate guest network. If a smart device is ever hacked, it stays isolated and cannot reach your personal files or banking information.

  • Look for a menu called Guest Network or Guest Wi-Fi and turn it on.
  • Give it a name different from your main network and set a strong password.
  • Reconnect your smart devices (speakers, doorbells, thermostats) to this guest network instead of your main one.
  • Each smart device's app will walk you through how to switch networks.

Step 5: Check Three Additional Settings

While you are already in your router's settings, take a few extra minutes to review these. Each one closes a specific security gap.

Wi-Fi Security Type

  • Look for a setting called Security Mode or Encryption.
  • Select WPA3 if available. If not, select WPA2.
  • Avoid anything labelled WEP; it is outdated and easy for hackers to break.

Firmware Updates

  • Look for a menu called Firmware Update, Software Update, or Advanced Settings.
  • Turn on automatic updates if that option exists.
  • If not, check for updates manually every few months using this same menu.

Remote Management

  • Look for a setting called Remote Management or Remote Access.
  • Unless you specifically need to access your router from outside your home, turn this off.
  • Leaving it on gives potential attackers an unnecessary way in.

Once you have worked through these five steps, your router will be significantly more secure than the vast majority of home networks. A quick check every three to four months is all the ongoing maintenance required.

III. Video Conferencing Security

Video calls have become a routine part of staying connected with family, managing healthcare appointments, and attending community meetings. But the same features that make platforms like Zoom, Teams, and Google Meet so convenient also create two specific risks that catch even experienced users off guard.

The first is uninvited people joining a meeting that was not properly secured. The second is accidentally exposing sensitive information during screen sharing; for example, an email, a bank statement, or a medical document visible in the background of your screen. Both risks are easy to prevent once you know which settings to adjust and what habits to build before, during, and after every call.

Scenario

Best Practices and Settings

Before Meeting

Check what is visible behind you (no sensitive documents). Verify you are on a secure network (avoid public WiFi). Keep your video applications updated frequently.

During Meeting

When screen sharing, close email, messaging, and financial applications first. Watch who joins and question unfamiliar names. Be aware of recording notifications.

After Meeting

Sign out of shared computers. Delete recordings you don't need, as they take up space and create privacy risks.

Zoom Specifics

Set up secure meeting defaults, and utilize the Waiting Room (your virtual security checkpoint). Know the difference in security between local recording vs. cloud recording.

Microsoft Teams

Use Lobby controls (which serves a similar purpose to the waiting room). Be clear about whether you are using an organization or personal account. Know that Teams recordings go to SharePoint/OneDrive.

Google Meet

Be aware that Meet has access to your entire Google ecosystem. Meeting details may be more visible than expected due to calendar integration privacy.

IV. Secure Messaging Applications and Email

When you send a regular text message or email, it travels across the internet much like a postcard travels through the mail: anyone who handles it along the way can read what is written on it. However, a process called "encryption" can change that. Encryption scrambles your message into unreadable code the moment you send it, and unscrambles it only when it arrives with the intended recipient. Nobody in between can read it. 

Many but not all messaging apps offer the protection provided by encryption. In fact, some popular ones actually make money by analyzing the unencrypted content of your messages to serve you targeted advertising. The platform you choose matters more than most people realize, and the sections below explain exactly what each one does and does not protect.

A. Messaging Platform Comparison

Platform

Security Features and Advantages

Limitations/Concerns

Signal 

It can be used without giving it access to all contacts. Set default times for disappearing messages. It is open source (security experts can verify encryption). Signal doesn't store messages on its servers and can't read your messages.

WhatsApp

Set up backup encryption for chat backups (a new feature). Review privacy settings buried in menus. Control who can see your number in groups.

Owned by Meta/Facebook, meaning metadata may be shared for advertising. Cloud backups were unencrypted until recently. Business accounts have different privacy policies.

Standard Messaging

iMessage encryption only works between Apple devices; it defaults to SMS otherwise. Messages sent from an iPhone to an Android are often not encrypted.

Requires constant monitoring of cross-platform challenges.

B. Email Security Deep Dive

  • Secure Email Providers: Consider ProtonMail (Swiss-based, end-to-end encryption, free tier) or Tutanota (German privacy laws, encrypted calendar). While Gmail/Outlook are not necessarily insecure, their business model is based on data analysis.

  • Safety Practices: Practice advanced phishing recognition. Hover before clicking a link, and look for subtle domain misspellings. Verify senders through other means if they send an attachment, as even PDFs can contain malicious code.

V. Essential Practice and Future Security

Security settings you configured a year ago may no longer be adequate, because the threats have changed and so have the platforms. A short quarterly review of your devices, your network, and your messaging apps catches most problems before they become serious. The checklist below tells you exactly what to look for and how long each item should realistically take.

A. Homework and Practice Assignments

To maintain security, regular reviews and updates are essential.

  • Device Security: Complete a security settings review on all smart home devices. Focus on screen locks, two-factor authentication, and privacy settings.

  • Secure Communication: Set up at least one secure messaging app (Signal is recommended) and practice using disappearing messages.

  • Network Review: Use a router app or Fing to review home network connected devices and remove any unrecognized ones.

B. Future-Proofing and Key Takeaways

The threat landscape is constantly changing, with emerging concerns including AI-generated scams (deepfake audio/video), smart home device hijacking, and supply chain attacks. New technologies like VR, advanced AI assistants, and health monitoring integration make medical data privacy increasingly important.

Essential Security Practices Recap:

  • Smart devices need the same security attention as computers.

  • Default settings prioritize convenience over privacy.

  • Regular reviews and updates are essential for ongoing security.

  • No security measure is perfect—use multiple layers of defence.

Some risk is acceptable; the goal is informed decision-making based on your comfort level.

.

Return to the CyberSmarts for Seniors Introduction:

CyberSmarts for Seniors: Practical Lessons to Build Digital Confidence and Safety

.

This resource is part of the CyberSmarts for Seniors Project, funded in part by the Government of Canada’s
New Horizons for Seniors Program and ELNOS, and delivered in Elliot Lake by Raknas Inc. and Golden Voices, the seniors-focused division of the DiversityCanada Foundation.

.

Download PDF

How to download a quick guide with the key points of this article as a PDF:

—Click the File Name below (in blue).

— If your device is set up to download automatically, the file you just clicked will be saved where your downloaded items can be found (usually in your Downloads folder or Desktop).

—If your device is not set up to download automatically, a dialogue box should pop up.

Click Save.

—According to your device settings, the file may now be saved where your downloaded items can be found (usually in your Downloads folder or Desktop).

—Alternatively, your device may show you a window, and you will have the chance to choose a location where you want to save the file. Choose a place that's easy to find, like Downloads, Documents, or Desktop.

The PDF will be downloaded to your device.

—You can now open it anytime in the future, even without an Internet connection.

Files