December 16, 2015 By Douglas Bonderud 3 min read

Looking for something to get a tech lover this holiday season? Do a quick search and gift guide after gift guide pops up, all claiming they’ve got the perfect gift for the IT admin or tech hobbyist who has everything. The problem? When it comes to connected devices, most holiday roundups focus on function over frontline defense, speed and mobile security. Here’s a list of the best (and worst) devices for that special, technical someone.

Toys and Cameras

Want to drive techies wild? Get them a Wi-Fi-enabled toy for their child or a camera-equipped baby monitor. Why? Because the companies making these devices are often more concerned with time to market than ensuring a secure connection, meaning there are often gaping holes in cybersecurity even after toys and gadgets are loose in consumer wilds.

Consider problems discovered in a child’s doll: TechNewsWorld reported that security researchers discovered it was possible for cybercriminals to not only access system information, Wi-Fi network names, MAC addresses and account IDs, but also change the prerecorded MP3s played by the doll in response to questions.

There are also problems with connected camera devices such as baby monitors. Several stories surfaced this year about monitors’ audio or video streams being hacked and causing panic for parents. According to CSO Online, in fact, security firm Rapid 7 found every monitor it tested earlier this year had “significant security problems,” such as the complete absence of data encryption, which made exploiting any vulnerabilities “trivial” for a competent cybercriminal.

Bottom line? Connected toys and baby monitors might be funny as a gag gift, but otherwise expect techies to grimace, force a smile and then recycle the gift rather than run the risk.

The Gray Area

A potentially viable gift idea this holiday is something like the Amazon Echo, which connects to the retail giant’s cloud and allows users to ask it virtually any question simply by saying “Amazon” or “Alexa” in the same room as the device. The more questions asked, the more accurate the responses and the better its overall performance.

As noted by SlashGear, there are concerns over the process of background listening even when users haven’t turned on the device, along with worries about how long Amazon keeps query data — ostensibly used to better understand user questions. The bottom line? Connected devices like Echo, along with other question-and-answer devices, are a gray area.

Think of them like iPhone’s Siri: If the intended recipient thinks the virtual assistant is a bridge too far when it comes to privacy, best to skip the Echo and opt for a nice gift card instead.

Connected Devices: The Possible Contenders

So what’s out there for techies that won’t make them go crazy with worry? There are a few options.

Secure Smartphones

If you’re looking for a secure smartphone, the Blackberry PRIV is a good choice. The Canadian smartphone company is pushing its newest model — and first Android phone — as one of the most secure options on the market. According to Softpedia, key security benefits include signed digital keys at the manufacturing level to ensure device integrity, improvements to the Address Space Layout Randomization (ASLR) security method independent of Android versioning and Pathtrust utility designed to prevent untrusted code from breaching the device via malware.

Secure Routers

Security for routers is all over the map, with some companies making it easy for cybercriminals to gain access unless settings are changed while others take the time to lock down specific features before shipping these devices to consumers. As noted by Computerworld, the D-Link DIR860L router is one of the better choices on the market, with solid CAPTCHA protection against password guessing — it isn’t fooled by changing browsers — and support for HTTPS. In addition, it’s possible to schedule Wi-Fi connectivity and block local HTTP remote access by enabling LAN-side HTTPS.

Secure Printers

One option for a secure printer is the cloud-enabled Samsung MultiXpress 3, which forgoes standard printer drivers in favor of cloud access to make document printing and sharing as simple as possible. When it comes to security, users can choose to input a local PIN or release documents wirelessly via Samsung’s near-field communication (NFC) technology.

Nymi Band

The Nymi Band is available as a discovery kit right now, making it the ideal gift for developers looking to get their feet wet in wearables. The big idea? Using an individual’s unique electrocardiographic (ECG) signature to act in place of passwords or PIN numbers. While the Nymi looks like a fitness tracker, the hope is to leverage it as a conduit between mobile devices and secure access points to provide an authentication token that can’t be replicated or faked. Will it pay off? That’s up in the air right now, but this is an outside-the-box tech gift security lovers won’t expect.

Connected devices are a hot commodity, but burgeoning Internet of Things (IoT) infrastructure and the drive for decreased time to market conspire to make many of these gadgets insecure at best and severely vulnerable at worst. This holiday season, steer clear of toys and cameras, ask for opinion before choosing a connected voice device or opt for devices with better-than-average security features.

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today