Computer Security: It's Not Just For Computers Any More
from the who-should-do-it? dept
My parents recently bought a new computer, and while visiting them last week, I helped them get it set up, including all the various security applications and settings they would need. Thanks to some weird configuration issues from the manufacturer, it took a bit more tweaking than it should have, but eventually we got it figured out. Amusingly, the timing of the computer purchase was done on purpose. They knew I was coming to visit, and bought the computer in time for me to be there to help them get it set up safely. That can work for a once-every-few-years type of purchase like a computer, but it gets much trickier when you need to set up security for just about everything electronic in your house. As we’re moving towards a world where everything is connected, from your computer to your TV to your phones (both mobile and wireline) to your fridge to your alarm system to your light switches, it’s simply asking way too much of individuals to handle their own computer security all the time. Who wants to reinstall anti-spyware software on each light bulb they change? It’s getting to the point where do-it-yourself computer security is getting to be too big of a job for most people, and they’re going to increasingly look to someone for help. Most likely, that “someone” is going to be their broadband providers. While some still say that if you’re going to use the technology, you should have a basic level of competence, the truth is that that’s unlikely to happen, and people are still going to be expecting the problems to get fixed — and the three most likely targets are the broadband providers (they bring the connection), the software providers (they leave the security holes) and the hardware providers (people identify the device with its manufacturer). Unfortunately, right now, all three seem to be playing the blame game. Call one up to complain about problems and they send you to the other. Instead of passing the blame, someone needs to step up, and start offering better solutions for protecting everything that will be connected to a user’s network (whether at home, at work or on the go). If they can do so successfully (no small challenge) customers will flock to them.
Comments on “Computer Security: It's Not Just For Computers Any More”
Who's going to eat the cost?
The only way people are going to get their computer security handed to them on a silver platter is if they pay for it.
In the current market environment, many companies are walking that very thin line between charging just barely enough to show a profit and charging too much and losing customers to a cheaper competitor.
About the only way someone is going to be able to offer computer security is as an optional support package with an ongoing monthly or annual subscription fee.
There are a lot of us who are technical enough to figure out our own security solutions and would resent a $10/month surcharge on our ISP bill to cover security services.
Maybe that’s the next big marketspace for unemployed IT people to jump on – door-to-door computer security consultants!
Re: Who's going to eat the cost?
Actually, I’m wondering why ISPs haven’t caught on to the idea of enhanced security as a competitive advantage against other ISPs. In other words, suppose AOL or Time Warner’s Roadrunner ISP actively scanned their network for users that are vulnerable and (one way or another) informed or patched those user’s systems. An alliance with Symantec or McAffee ought to be compelling to the non-tech masses.
IP connected lightbulbs?
OK, predicting a George Jetson future is just not going to happen any time soon. We’ve been hearing about too much connectivity for too long, and I seriously doubt we’ll see it any time soon.
That said, the current solution of the “geek in the family” security solution seems to work for some. Getting anyone to pay for security is not really effective, because we’re still going to get blasted by the zombie machines of the lonely geekless families.
jason
Why...
Do people think everything has to be directly connected to the internet? I don’t believe anything in the house other than a firewall/router needs direct connection. Everything else can have a local IP address. If it needs connecting to from the outside, set it up on the firewall/router and limit who/what/where can connect to it. This is why we’re running out if IP’s. There are too may unnesessary devices with a valid IP. IP’s should be handed out like address. One building == one address. Maybe, just maybe, a building with multiple companies, each company can have their own IP.
Re: Why...
I think the problem here is that in order for a networked fridge or VCR to be useful, it has to be accessible from anywhere. If you’re behind a firewall router (and God help you if you aren’t) that means you have to set up port forwarding. Which is exactly the sort of thing my dad doesn’t know how to do.
Re: Re: Why...
I think your dad would find it easier to learn how to do port forwarding than to tackle security settings on each and every device that needs a connection. Insted of having to learn how to set each device (knowing there will be no standard), he’d only have to learn one time how to forward a port. You think the internet is bad now with all the misconfigured Windows boxes out there? Wait until there are millions of fridges, VCR’s, stoves, etc. out there hanging directly off the net.
Exactly what we are seeing on the street...
We are actively involved with our school PTA and I get flooded with questions from parents because I happen to be a technical person. I am floored at the number of people that have:
– no anti-virus or anti-spyware running
– unsecure wireless network (using all of the defaults and available to wardrivers
– no clue that the “14 year-old” that there kid is chatting with online is really a 49 year-old man
So, we started seminars that teach parents this information. We do them at the schools, often when other events are happening. It has proven tremendously helpful to them.
Education is the key and we cannot rely on the big players to help. They are way too stuck in their “ROI” mode and this type of help brings no (short-term) ROI.
You can see our resources on the link above if you know of anyone who can use them. We are adding to them each week after the seminars to help.