The home network is the center of all smart home operations. Starting off with the correct assumptions will help you design your framework properly.
Internet Connection: Not required but useful for remote monitoring
Router/Firewall: Used for security and device communication
Wifi: Local wireless connections
Ethernet: Local wired connections
Servers: Virtual machines serving controls
Device Hubs
Clients: Computers for interfacing control panels
Devices
The big-box store "smart" home offerings are almost always cloud-based products.
This means that your internet connection needs to be up 24/7, and if it goes down your home will be beyond your control. These products are closed source, so you do not know who is watching or what they are doing with your information.
You might buy a doorbell that you can hear ring on your phone and that lets you see and talk to your visitor, but who else can too? You might buy a camera that lets you watch your house remotely, but who else is watching too? That smart hub you bought to control your lights, where is that data going? When you connect your smart garage door, why do you have to connect to the internet and some website to open or close your garage?
So many questions and so few answers. In fact, none of these manufacturers take any responsibility for anything. If you read your EULA you can see they could burn your house down and have zero culpability.
So what is the right way? ZERO CLOUD DEVICES. Accept nothing less than devices that need no internet connection. If you want to connect to your devices, you design the access. You wouldn't let someone else dictate the type of locks you put on your home, so don't let them dictate that you have to use their service. It is your home.
As you can see, the typical smart home network can get complicated rather quickly. We will introduce several concepts that you will be able to build your framework upon.
Typically a smart home will have 4 networks.
Public outside Internet
Public guest network
IoT device network
Private network
These networks will talk to each other through the firewall and be reachable via one or more types of network options: NAT, VPN, forward or reverse proxy.
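As an added example (not part of the original page), the sketch below checks connection records against a default-deny policy for the four networks listed above, with IoT devices given no path to the internet. The subnets, the allow list and the sample flows are assumptions constructed for illustration.

```python
import ipaddress

# Assumed addressing plan (not from the page): one subnet per local network.
ZONES = {
    "private": ipaddress.ip_network("192.168.10.0/24"),
    "iot": ipaddress.ip_network("192.168.20.0/24"),
    "guest": ipaddress.ip_network("192.168.30.0/24"),
}

# Default deny: only these (source zone, destination zone) pairs may be
# initiated through the firewall. Assumed policy: IoT devices never start a
# connection to another network, guests get internet only.
ALLOWED = {
    ("private", "internet"),
    ("private", "iot"),
    ("guest", "internet"),
}

def zone_of(addr):
    """Map an address to a local zone; anything else is the public internet."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"

def violations(flows):
    """Return new connections (src, dst, dport) that cross zones without an
    allow entry. Each flow is listed initiator first; reply traffic is assumed
    to be handled by the firewall's connection tracking."""
    bad = []
    for src, dst, dport in flows:
        pair = (zone_of(src), zone_of(dst))
        if pair[0] != pair[1] and pair not in ALLOWED:
            bad.append((src, dst, dport, pair))
    return bad

# Constructed sample flow records (source, destination, destination port).
SAMPLE_FLOWS = [
    ("192.168.10.5", "192.168.20.40", 1883),   # client -> IoT hub: allowed
    ("192.168.20.40", "203.0.113.9", 443),     # IoT device phoning out: violation
    ("192.168.30.12", "198.51.100.7", 443),    # guest -> internet: allowed
    ("192.168.30.12", "192.168.10.5", 445),    # guest -> private: violation
    ("192.168.20.41", "192.168.20.40", 1883),  # IoT -> IoT, same zone: not firewalled
    ("203.0.113.50", "192.168.20.40", 23),     # internet -> IoT: violation
]

if __name__ == "__main__":
    for src, dst, dport, (a, b) in violations(SAMPLE_FLOWS):
        print(f"should be denied: {a} -> {b}  {src} -> {dst}:{dport}")
```

Run against real firewall or flow logs, any line this reports is either a missing deny rule or a device that expects a cloud service.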
The internet or the cloud can be a dangerous place. Hackers are always trying to find new ways to exploit targets. Most of the time hacks are not done by people; they are done by automated bots testing for known vulnerabilities.
So why do we want to connect to the internet?