Many of today’s households have enough connected technology to keep a small IT department busy.
This realization just kind of struck me the other day, as I was setting up yet another “smart” device with access to our home Wi-Fi. How many did we have now? At work, I have just two devices and an entire corporate IT department to support them. At home – who knew? Could any of them be a weak link, exposing our family and our information to unnecessary risk? With all the reports of increase in ransomware attacks and identity theft, I needed to become more aware and hands-on. It was time to take stock.
A quick count revealed a list quite a bit longer than I expected:
- 3 laptops
- 1 desktop computer
- 3 tablets
- 1 NAS server
- 1 Wi-Fi printer
- 2 gaming consoles
- 2 smart TVs
- 2 smart TV boxes (for the other, not-so-smart TVs)
- 1 smart universal remote control
- 3 smart phones
- 2 fitness/activity trackers
Total devices: 21. Wow. In our family of 3, connected devices outnumber humans by 7 to 1!
Most of these devices connect to the internet via our home Wi-Fi router and the gateway/modem provided by our Internet Service Provider (ISP). While most connections to the internet are initiated by us humans, many devices also automatically download and install software updates from the internet. Even our printer and some of the TVs do this.
What makes the home network more complex is the fact that many of these devices also connect to each other. For example, the laptops can print to the printer, and the printer can scan to the laptops. Likewise, the gaming consoles, the TVs and TV boxes have access to the NAS server to stream movies, but the NAS server is also connected to the laptops which hold a lot of confidential information as well as dozens of logon credentials in the browser cache.
How secure are these devices? The three home computers have antivirus, malware protection and firewall software installed, but the rest of the 21 devices do not. How do I know if they are secure?
Securing them is not a trivial matter. Even the simplest of these devices run a range of software including firmware, operating systems and third-party applications. In addition, even the commercially developed software on these devices usually includes a number of open-source modules not developed or maintained by the device manufacturer or the commercial software developer. This diversity of software on the device leaves a lot of potential security holes for hackers to discover and exploit.
Performing regular software updates on the devices can help mitigate some of the threat. However, I quickly found out that many manufacturers no longer create updates or security patches for older products. One such example is one of my early smart TVs from Vizio. Some years ago, Vizio had abandoned the app software platform they were using in favor of another one, and as a result, the apps and software on this TV have not been updated in the last 6 years. This TV still works fine as a TV, but given the age of its software, I should consider it to be a weak link in my home network and disconnect it from the network. Instead, I will connect it to a smart TV box like Roku, which leverages a more popular software platform that will be supported and updated by the manufacturer for some time.