Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3


February 17, 2021 |

Work-from-Home IoT Security

The need to clear the IoT device security minefield on home office networks is a challenge and an opportunity for channel pros.

WHEN WORKERS were sent home at the start of the coronavirus lockdown, few companies had a plan to provide secure remote tools. Fewer still had a way to examine and secure home networks littered with Internet of Things devices like video doorbells, smart assistants, bathroom scales, and more that could ride the company VPN back to HQ. Now that work from home may continue indefinitely, managed service providers need to start including IoT under their security umbrella.

How many home-based workers have some type of IoT on their network? “I’d say all of them,” suggests Cary Wagner, technical operations director and CEO of Pacific NorthWest I.T. Services in Coeur d’Alene, Idaho.

A big challenge is that there’s no strict standard of security across all the different IoT manufacturers, explains John Hammond, senior security researcher at security services firm Huntress Labs. Every Google Nest Mini or Amazon Alexa is an attack vector, and that doesn’t include items you might overlook, such as a garage door opener you can control with your phone.

“Since you can’t control IoT devices with a mouse and keyboard, some sort of remote access to manage and configure the devices is needed,” Hammond says, adding that those admin portals are well known to hackers.

Al Alper

Another challenge is getting businesses to shore up their workers’ home networks. “We have 150 clients, and I can count on one hand the number who asked us to configure an employee’s home network,”” says Al Alper, CEO of Absolute Logic, a managed service provider in Wilton, Conn. “For the three or four who asked, we changed default usernames and passwords on home routers, set up a guest Wi-Fi network for all the IoT devices, and added endpoint security software everywhere possible.” This approach is more affordable for home use than a firewall with unified threat management (UTM), which is more appropriate for the corporate network.

Alper says it’s possible to reset usernames and passwords on existing home networks remotely, so MSPs don’t always have to send a technician to the home. He likes to add a Sophos RED (Remote Ethernet Device) to the firewall at the company’s headquarters to provide UTM to the home network. He’s also seen a marked increase in remote desktops over Windows Virtual Desktop on Azure.

MSPs should convey to their customers that securing a home network doesn’t require a “rip and replace,”” Alper adds.

Wagner’s first security fix for home IoT is “to get a firewall, and configure it to deny all, and only open up what you need.”

Hammond suggests MSPs have a policy to check and install new firmware, patches, and hotfixes to all the IoT devices possible. “Of course, the ‘security basics’ never die, so check for hardcoded or default credentials set on the remote access modules of IoT devices.”

MMR Opportunity

MSPs and integrators can turn home network security into MRR in many cases. Alper, for instance, bundles any new equipment customers need with setup services and bills for ongoing management per home user monthly. “If they need to upsize the HQ firewall, you’re in the black from the jump,” he adds.

Mike Jack, senior manager of product marketing at telcom company Spirent Communications, suggests channel pros can offer services that help companies enforce at-home IT device strategies. “”Work with IT organizations to put better rule sets in place to segment remote users from corporate assets,” he explains.

Training and education can be part of the solution as well, says Wagner. “You can’t treat them like your worst enemy but their best friend if you want to get them to change. Human beings are our own worst enemy.”

Finally, Alper points out that “users in the office don’t think about network security, and it’s more of the same when they go home.” Therefore, having a plan in place that includes WFH security instructions, hands-on and remote configuration and monitoring services, IoT security practices, and affordable equipment upgrades where needed can keep users just as obliviously safe at home as they are at work.

Image: iStock

Editor’s Choice

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

Asigra Makes a Splash with New SaaS App Data Backup Platform

June 3, 2024 |

Asigra’s new SaaSAssure platform offers MSPs comprehensive, secure, and easy-to-use backup solutions for SaaS apps, addressing a critical market need and providing an unparalleled opportunity for revenue.

Peer to Peer: John Kampas on Why EMPIST Thrives — Plus, 1 Mistake Too Many MSPs Make

May 31, 2024 | John Kampas

How prioritizing customer protection and technological empowerment helped EMPIST evolve into a “managed technology provider” with an international presence.

MSPs React to Comprehensive, Aggressively Priced Kaseya 365

May 1, 2024 |

Hear from MSP peers on the launch of the new Kaseya 365 program — designed to provide a crucial package of tech services at an affordable monthly price.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience