Baby monitors – an unexpected employer risk

One research firm says the “harmless” home gadgets could pose a serious security risk to employer networks.

Baby monitors – an unexpected employer risk
Over the past few years, employees have increasingly identified flexibility as the most desirable workplace perk  and just one of the ways HR leaders have responded is with bumped-up maternity and paternity packages.

Now, it seems there may be a hidden risk to letting doting new parents work from home – baby monitors.

In a recent report, Rapid7 – a Boston-based security data analytics company – reviewed nine models which let users check-in via a smart phone or other device. All were found to have critical vulnerabilities.

The researchers, who spent several months analysing the devices, then scored them on a 250-point scale for overall security and translated the scores into standard academic grades. Eight of the models received an F and one got a D.

According to the report’s authors, these weaknesses have the potential to expose employer networks to hackers – in turn leaving valuable and sensitive data unprotected.

The Rapid7 report stresses how shaky security is when it comes to physical electronic objects embedded with electronics, software, sensors, or connectivity – often referred to under the umbrella term ‘the Internet of Things.’

"IoT devices, unlike traditional computers, often lack a reasonable update and upgrade path once the devices leave the manufacturer's warehouse," wrote Mark Stanislav and Tod Beardsley, adding that the networks such devices are connected to are rarely used to deliver security patches.

This, they warn, is a serious problem.

Since many homes now double as second workplaces, those weaknesses are not only putting personal data at risk, but organizational data.

“We advise individuals to use any camera that has not been fixed for identified issues or weaknesses sparingly—or preferably not at all—until the vendor is able to fully address identified problems," the researchers wrote in an FAQ.

"If a baby monitor allows a password to be changed, the device owner is highly encouraged to ensure that they do so and make a strong password to protect access,” they added.

The models reviewed included:

·         Gyonii (GCW-1010)
·         iBaby (M3S)
·         iBaby (M6)
·         Lens (LL-BC01W)
·         Philips (B120/37)
·         Summer (28630)
·         TRENDnet (TV-IP743SIC)
·         WiFiBaby (WFB2015)
·         Withing (WBP01) 
 

Free newsletter

Our daily newsletter is FREE and keeps you up-to-date with the world of HR. Please complete the form below and click on subscribe for daily newsletters from HRD Canada.

Recent articles & video

HRD launches game-changing website redesign

More employers offer flexible benefits with HCSA

Is your workplace culture toxic?

The biggest barrier to Canada's digital transformation

Most Read Articles

Another termination clause bites the dust in superior court

What does an exceptional leader look like?

Why creating a psychologically healthy and safe workplace is crucial