The Security of Legacy Devices Should Not Be the Bane of ISPs

The Internet of Things (IoT) ecosystems may be populated by all the latest and innovative devices, but it’s also home to legacy devices, which in many cases, are points of entry for adept hackers looking for a way into the infrastructure.

The term “legacy” describes old devices that are no longer updated or in production. While it’s usually applied to actually old devices, that’s not always the case. Sometimes, “old” could mean a device released a couple of years ago, whose manufacturer went out of business, leaving customers with unsecure hardware that will never again receive an update.

In fact, legacy devices are a bad omen for both people using them and Internet Service Providers (ISPs) when those devices are connected to the Internet. The customer’s position is clear. They bought a device that fulfills a particular function, and it might work as intended. But old age comes with security issues.

So then – who’s responsible for the security of legacy devices? Or more precisely, who can stop them from being commandeered by hackers or used for other nefarious purposes? You might think that consumers don’t have much choice in the matter; it’s not like they can issue security patches for their legacy devices. Fortunately, that’s not entirely true. Users do have a choice in this matter, and ISPs are directly affected by the customer’s decision.

Age is not a death sentence

Ideally, legacy devices should always be replaced with newer versions or at least with hardware that still receives updates. But that’s not always possible for a variety of reasons. This means users have to seriously consider their security when connecting such an old device to their networks. Is the potential benefit worth the security risks?

Consumers have two choices if they want to protect themselves and their networks. They can:

  1. choose to buy a smart router that’s capable of monitoring all the connected devices, or
  2. choose an ISP that will offer this type of service for them along with the home gateway.

Just because you have old devices that still work and perform their functions doesn’t mean that you need to replace them. Leaving aside that it might not be a viable solution for everyone, the security can be taken over by the router, which leads to the obvious question. Are today’s ISPs offering any kind of protection for IoT devices?

ISPs beware, security is no longer the job of others

There was a time when the ISP would simply offer people access to the Internet. Customers would get an Ethernet cable up to their door and they had to plug them into their own routers. As time went by, ISPs began to offer their proprietary routers and, odds are, you’re using one those at home right now.

But the hardware ecosystem evolved and hackers with it; IoT devices are now one of the main vectors for DDoS attacks, and in most cases, people have no idea that their devices are being used in vast malicious bot networks.

The user’s security was their own job, but that’s changed. People no longer have full control over the devices they use, and that’s particularly true for legacy devices, which should be already recycled in many situations. Now, ISPs are beginning to feel the weight of securing their own networks, which also happen to include the networks of their customers.

A comprehensive security solution such as the Bitdefender IoT Security Platform is designed to provide ISPs with an edge that allows them to provide their customers with the security they need and protect their own infrastructure at the same time.

The security platform’s implementation onto smart routers offers the ISP and customers alike a number of features targeted at the exact problems legacy devices pose. For example, unpatched and old IoT devices will be quickly identified, and the user will receive a report on potential vulnerabilities and how to fix them.

The technology offers other essential features for ISPs, such as brute force protection, DDoS protection, exploit prevention, and much more. And the technology already works with existing hardware. Its modular nature also allows ISP to choose what they want for their customers.

Providing customers with security features out of the box is a clear advantage over any competitor, not to mention that companies will avoid costly in-house development and other support costs.

The Bitdefender IoT Security Platform is the answer for when a customer asks the ISP that important question: “What are you doing to protect my home?”


[Interested? Get in touch]

*** This is a Security Bloggers Network syndicated blog from Business Insights In Virtualization and Cloud Security authored by Silviu STAHIE. Read the original post at:

Cloud Workload Resilience PulseMeter

Step 1 of 8

How do you define cloud resiliency for cloud workloads? (Select 3)(Required)