FBI recommends that you keep your IoT devices on a separate network

Until there are criminal penalties for data leaks and badly architected or insecure devices, there will be no IoT devices in my home. When the incentives are purely to lower costs, of course security will be neglected. And using a separate network is a very poor stopgap that might help, but is not really a solution in any sense of the word.

As soon as my family expressed an interest in IoT devices, my compromise was the devices had to be on a separate network. I bought an inexpensive managed switch and set up a vlan specifically for our IoT devices. Our firewall segregates the IoT traffic from our LAN. Although I'm still not crazy about the potential privacy implications of Alexa devices and the like, I sleep a bit better knowing they do not have access to anything but the internet.

Until ISPs ship a modem/router combo that makes it easy for the average consumer to set up segregated networks, I don't think too many people are going to heed the FBI's advice.

There could be a business opportunity here in selling router that ease the gap between consumers who know nothing about networking and implementing better iot security -- if they can sell the fear.