1. Did you change the camera's default password before installing?

Yes No / Not sure

Cameras with default creds are the #1 IoT botnet recruitment target.

2. Is the camera firmware on its latest version?

Yes No / Not sure

Check monthly. Old firmware = public CVEs.

3. Is MFA enabled on the camera's cloud account?

Yes No / Not sure

Ring, Nest, Wyze all support it.

4. Is the camera on a segmented network (guest WiFi / VLAN)?

Yes No / Not sure

Isolate IoT so a compromised camera can't pivot to your laptop.

5. Are the camera's cloud-account passwords unique (not reused)?

Yes No / Not sure

Reused password + breach = someone watching your living room.

6. Have you disabled features you don't use (two-way audio, motion zones)?

Yes No / Not sure

Reduce attack surface to what you actually need.

7. Is the camera's USB or local-access port physically secured?

Yes No / Not sure

Indoor cameras near doors are a physical tamper target.

8. Have you reviewed who has login access to the camera account?

Yes No / Not sure

Ex-partners, old roommates — remove their access.

9. Is the brand actively receiving firmware updates?

Yes No / Not sure

Abandoned no-name cameras from Amazon often never update. Swap them.

10. Is the camera's line-of-sight reviewed (not pointing at sensitive areas)?

Yes No / Not sure

Cameras pointed at keyboards, whiteboards, or locks are a data exposure.

11. Do you know where the cloud footage is stored (US, EU, other)?

Yes No / Not sure

For legal and privacy reasons, know your vendor's data residency.

12. Can you physically disconnect / unplug the camera when needed?

Yes No / Not sure

Smart plugs or accessible outlets give you a physical off-switch.

Smart Camera Risk Checker