- Don't connect your device to the internet unless you need to.
- Keep a different password for each device.
- Make sure your firmware is fully updated.
1. Secure by Default
- No default passwords shared between devices, and no weak out-of-the-box passwords.
- All passwords should be randomly created using high-quality random number generators.
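
One way to meet both points above at provisioning time, as an added example that is not from the original post: each device gets its own password drawn from the operating system's CSPRNG, and only a salted scrypt hash is kept for the firmware image. The alphabet, the 96-bit entropy floor, the serial numbers and all function names are assumptions made for this illustration.

```python
import hashlib
import math
import secrets

# Alphabet without look-alike characters (0/O, 1/l/I) so the password can be
# printed on a device label and typed by hand. Constructed for this example.
ALPHABET = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"
MIN_ENTROPY_BITS = 96  # assumed policy floor, not a value from the post


def password_length(alphabet=ALPHABET, bits=MIN_ENTROPY_BITS):
    """Smallest length whose uniform-random entropy meets the floor."""
    return math.ceil(bits / math.log2(len(alphabet)))


def generate_password(alphabet=ALPHABET, bits=MIN_ENTROPY_BITS):
    """Draw every character from the OS CSPRNG (secrets), not random.random()."""
    length = password_length(alphabet, bits)
    return "".join(secrets.choice(alphabet) for _ in range(length))


def hash_for_firmware(password, salt=None):
    """Return (salt, scrypt digest) so no plaintext password sits in the image."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)
    return salt, digest


def provision(serials):
    """Give each serial number its own password; fail on any repeat."""
    records, seen = {}, set()
    for serial in serials:
        if serial in records:
            raise ValueError(f"duplicate serial: {serial}")
        pw = generate_password()
        if pw in seen:  # a repeat at 96 bits means the RNG is broken
            raise RuntimeError("random source produced a repeated password")
        seen.add(pw)
        salt, digest = hash_for_firmware(pw)
        records[serial] = {"label_password": pw, "salt": salt, "hash": digest}
    return records


def verify(record, attempt):
    """Constant-time comparison of a login attempt with the stored hash."""
    _, digest = hash_for_firmware(attempt, record["salt"])
    return secrets.compare_digest(digest, record["hash"])
```
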
2. Secure by Design
- Firmware should be locked down, so serial access is not available.
- Secure Element (SE) or Trusted Platform Module (TPM) devices should be used to protect access to the firmware and hardware.
- All GPIO, UART, and JTAG interfaces on the hardware should be disabled for production versions.
- NAND or other memory/storage media should be protected with epoxy, ball sockets (so the memory cannot be removed and dumped), or other methods to prevent physical attacks.
3. Self-contained security
- The devices should not rely on the network to provide security. Rather, the device's security model should assume the network is compromised and still maintain protection methods. This can be done with prompts to the users to accept handshakes between devices trying to access other devices on their networks. Communication between devices should be encrypted to prevent MitM attacks and sniffing/snooping.