[gerdesj]

There is nothing wrong with IoT stuff provided that care is taken in deployment. You can do it yourself or you could get me to install it instead as a ... a ... hmmm ... IoT accredited errr ... what standard is appropriate?

As it turns out I am personally CREST accredited and run a small IT company with ISO9001, 27001 and advise on PCI DSS and the like. I bathe in tin foil.

In the UK we have a pretty simple standard called Cyber Essentials and a higher one called Cyber Essentials Plus. https://www.cyberessentials.ncsc.gov.uk/ why not give it a go? Even if you are not from the UK then there is some good advice there - https://www.cyberessentials.ncsc.gov.uk/advice/

Anyway, VLANS and firewall and self hosting is the key to my idea of a decent IoT smart home. Also I insist on manual controls if the controller is down. I also do a proper risk assessment on each device.