As a wider variety of personal computing devices are used more extensively, contemporary home networks can include not only desktops, laptops, smartphones and tablets, but also smart appliances, wearable computing devices and other types of so-called Internet of Things (IoT) devices. With the proliferation of IoT devices and the like, the number of attack vectors in a home network is increasing. Many of these newer types of computing devices have weak security, or lack security altogether.
More specifically, the Internet of Things (IoT) refers to a network of physical objects or “things” equipped with computing hardware and software, including the ability to connect to a network and run computer instructions. Household items such as smart thermostats and appliances, as well as sensor-equipped wearable devices, are a few examples of currently popular IoT devices. New IoT devices are rapidly becoming available and adopted by household users. By the year 2017, the average number of connected devices per household is projected to grow to 25 devices, and to 50 devices by the year 2020.
IoT devices are in fact networked computing devices, albeit typically with relatively low amounts storage, memory, power supply and processing capability, and frequently with no display. Another key characteristic that most of these first generation connected IoT devices share is low security. The manufacturers of these first generation IoT devices (many of which are already on the market) tend to have little or no experience building secure software. Additionally, as time to market of new devices is a priority for manufacturers in this area, security is often neglected. As networked computing devices, IoT devices are vulnerable to malware, network attacks, data theft and the other security threats to which other networked computers are subject.
More established types of personalized computing devices in a home network such as desktops, laptops, smartphones and the like may contain security in the form of individualized endpoint applications running on the individual devices. Different ones of these devices can provide varied security capabilities, as well as differing hardware and computing resources. However, running the security capabilities and computing resources of these devices as independent endpoints limits the ability to provide robust and scalable security services for all of the devices within a personal network, such as a user's home.
It would be desirable to address these issues.