Keeping up with news alerts about cybersecurity flaws in consumer electronics is a lot like picking up spilled jelly beans one at a time with a plumber’s wrench. Even if you figure out how to do it and have endless patience, a few will skitter out of sight.
Assume for the moment that, unlike most people, you think a lot about cybersecurity and you do your homework before buying a connected device. (I know. This is a truly ridiculous proposition. But let’s just say it’s the case.)
As you prepare for Cyber Monday, make cybersecurity part of the purchase process. What does your thinking about cybersecurity look like? What form does it take? Perhaps you like to use a search engine to see if there have been any obvious problems associated with the product, service, or device you’re considering. And by problems, I mean specifically cybersecurity and privacy issues.
This simple action can save you from a time-consuming hassle later. Security lapses abound. It’s your job to know about them.
Your Role in Cybersecurity
If you think this sort of research is too hard, relax. It’s easy. A simple search using the name of the item in question as well as terms like “compromise,” “privacy,” and “breach” is a good place to start.
For example, maybe you’re thinking about giving someone a credit monitoring gift that protects them from fraud. You might do the following searches:
- “Equifax hacked”—About 901,000 results (0.58 seconds)
- “Experian hacked”—About 128,000 results (0.63 seconds)
- “TransUnion hacked”—About 62,800 results (0.37 seconds)
Now, bear in mind, many of the search hits on Experian and TransUnion (both of which offer sophisticated monitoring programs) come by way of obligatory mentions in the coverage of the Equifax compromise.
You’re Still Not Safe
Let’s say you get a connected cam to monitor an aging parent. There are some basics to consider. You’ve got to assume, for example, that Mom may not want to be the star of a Russian reality TV show called something along the lines of “Stupid Americans I Have Hacked.” But you also have to assume it could happen.
If you did your homework right, you know there’s been a problem with many plug-and-play webcams involving the use of manufacturer default passwords.
Checking for known security issues or a history of poor security is important, but there is still more work to be done before Cyber Monday to make sure you’re not giving someone a gift that robs them blind, opens them up to public ridicule, or simply embarrasses them.
The Most Important Question
That camera with seemingly perfect security you got your mom could become a live feed to her own version of The Truman Show for an avoidable reason: the cam wasn’t patchable. This means that when a security flaw is discovered, there is no way to protect the cam because it cannot receive security patches.
You’ve read privacy policies online and have made sure the product you’re thinking about doesn’t get significant revenue by selling data collected from this or that smart device, but the item also needs to be patchable.
Many companies do a very good job. Contrary to the folklore about planned obsolescence at Apple, the company is excellent at supporting older devices and operating systems, and it is a top player when it comes to security patches.
Let’s focus on gadgets. If the connected device you’re considering is not properly maintained after the launch of later generations of that product or a related service, keep looking for a device that does.
And ask, Is this connected device patchable?
This Cyber Monday, the only way to find those errant jelly beans mentioned above is to do the requisite research.
While nobody has the time to read every news item about product security, with the holiday shopping season upon us, it’s imperative to think about cybersecurity basics.
Data breaches and other compromises are the third certainty in life, right behind death and taxes. The simplest way to avoid falling prey to products and services that offer shabby or nonexistent cybersecurity? Don’t buy them.
Adam Levin is chairman and founder of CyberScout and co-founder of Credit.com, where this article originally posted.