The Internet of Things for homes (home IoT) creates unique security challenges. Home IoT devices often interact with multiple people under the same roof and are equipped with various modalities. They do not only react to commands from the user, but also from the environment, which increases the attack surface and changes the threat model. The highly fragmented ecosystem of home IoT devices only makes things worse, making it harder to find a solution that fits all devices. Traditional security approaches fail in these challenges because they are designed for conventional computing devices like computers or smartphones, which are mostly used by one user with proper screens and keyboards. These characteristics make mechanisms like access control and authentication much more manageable. On the other hand, traditional computing devices are general-purpose, making enforcing allowlists of network traffic impossible. This is no longer the case for home IoT devices, and new strategies must be employed. Responding to these emerging challenges in the home IoT, we create a road map about how to make a home IoT system secure and usable on different levels. We are mainly interested in devices' interactions with the external world, such as users, the physical environment, sensors, and remote servers. With such emphasis, we divide a home IoT system into three parts: user & software, environment & hardware, and network. For the user & software part, this thesis elicits requirements for access control systems that handle users with complex relationships and constantly changing contexts. For environments & hardware, this thesis creates a framework for context sensing, systematizing contexts and their required sensors, along with their security, privacy, and usability characteristics. In the network part, this thesis maps the design space of creating network allowlists that successfully generalize.