Gov’t slams hardware manufacturer with lawsuit

The security of routers, network appliances and other connected devices takes center stage once again. 

The Federal Trade Commission has hit Asus with a lawsuit in response to a 2014 incident in which it was alleged several security shortcomings led to users having personal information and certain files stolen from the company’s routers.

Now, the lawsuit mandates that Asus set up a security program to test its systems for weaknesses and report on the results for the next 20 years. It also has to name security professionals responsible for securing systems and do a better job of alerting customers when a product has a patch or update available.

Now more than ever

The practice of making security an afterthought for connected devices is nothing new. Just recently, researchers named and shamed some offenders.

Whether it’s weak default passwords, poor security built in, failing to patch vulnerable systems or some combination of those and more factors, IT would be wise to be skeptical of any devices it puts on its network.

And the Internet of Things (IoT) is another big push into this arena. These devices are often hackable and not always given prompt security updates. Some have weak security to begin with.

It’s important to evaluate the security of any devices before bringing them onto your networks. Check with the manufacturer to see whether patches are updated regularly, only in emergencies or not at all.

And remember if there’s a consumer-grade option, it may not be updated as frequently as business-grade.