Security and smart devices: how to protect your smart home from hackers

When you buy and share data with an internet-connected smart device, such as a smartphone or internet router, you obviously want to be assured that your data will be protected. 

That requires robust design with security in mind, and long-lasting support to protect against hackers and cyberthreats. 

Sadly we know from our security testing that neither of these are guaranteed, and that far too many brands are abandoning devices too soon after launch. 

Unique Which? tools and advice can help you make a smart device purchase from a brand you can trust, and that'll have your back in years to come.

Tech tips you can trust – get our free Tech newsletter for advice, news, deals and stuff the manuals don’t tell you.

Why does smart device security matter?

Security isn’t always front of mind when tech brands release new products. 

Over the years we’ve shown exactly how big a problem this can be with a wide range of investigations, including how a smart home can be at risk from hackers, and how online marketplaces could be flooded with insecure smart products. We've even shown how big brand tech can put you at risk, underlining the importance of adequate and clear support periods, so vulnerabilities can be fixed.

Avoiding these risks involves well designed products with robust security, and a commitment to support these devices for a long enough period of time.

A new law to improve smart device security is due to come into force, which will mean brands must commit to transparency around support. Until this time though, we can help inform your next purchase.

How long do popular tech brands support products?

It’s natural to want to buy a product that lasts – and in the case of smart devices, this needs to include support and updates from the manufacturer to protect against emerging threats.

We contacted over 100 smart device brands to ask how long they will support their products with important security updates, but less than half were willing to state a clear support period. In most cases, this information is not easily available to consumers.

So you can make a smart device purchase with your eyes open, we explain the support policies of all the major brands in our buying guides. Check the links below to find out more.

TV and audio 

• Smart TVs – TV support varies from eight years to two, which is far from enough.
• Soundbars – like TVs, some soundbar brands need more clarity and better support.
• Smart speakers – big brand smart speakers offer around five years of support.
• Set-top boxes– from three years after discontinuation to five years from sale.

Smartphones and smart tech

• Smartphones – brand support for phones can vary from two years to over six.
• Smart doorbells – upwards of five years with some brands, but many refused to confirm.
• Smart security systems – Amazon, ERA and Yale were the only brands to commit.
• Wireless cameras – a range of brands offer five years or more, but one offers just two.
• Smartwatches – support is fairly short for most smartwatch brands.
• Fitness trackers – fitness tracker brands rarely guarantee more than two years.
• Smart radiator valves – one brand stands out with over 12 years of support.
• Smart thermostats – less than half the brands we asked were clear.
• Smart plugs – only two brands confirmed support, with the best at three years.
• Printers – just one printer brand - HP - was clear with us on support policies.
• Dashcams – some big brands offer over five years, others just two.

Home appliances

• Smart dishwashers – many offer over 10 years, but one brand could be less than three.
• Smart washing machines – from 10 years to a minimum of just two.
• Smart fridge freezers –Miele and BSH again lead the line for support periods.
• Smart ovens –too many major brands refuse to commit to support.
• Robot vacs – only one manufacturer of robot vacs came clean on support policies.

Unique tools and advice to help you stay safe and buy smarter

At Which?, we put security at the heart of our smart device tests, and have created a range of tools to help you check how long a device you own - or are considering buying - will last in terms of software updates:

• Head to our mobile phone reviews and filter results to models that will remain supported for at least another 2, 3, 4 or 5 years. Or check our mobile phone support calculator.
• Our laptop reviews also include a filter, so you can see how long models will last. You can also use our Windows 11 compatibility tool, and check in on Chromebook expiry dates.
• For tablets and iPads, use our tool to discover whether a tablet you own is still supported, or how long a range of popular models have left.
• Wireless routers - find out how long is left support-wise for your internet router, and whether you're safe to keep using an older router in the home.

PSTI to improve security standards for consumers

Following years of campaigning by Which?, the government has now introduced the Product Security and Telecommunications Infrastructure (PSTI) Act. Among other security requirements for smart products, companies will have to be transparent with you about how long they will support smart products when you buy them. 

Which? is broadly supportive of PSTI, but feels it could go further in three key areas:

• Online marketplaces: previous Which? research has shown that many insecure products are sold via marketplaces, listing sites and auction sites, so the legislation must effectively cover everywhere that consumers buy smart products. 
• Update support minimums: the legislation makes it law that manufacturers must tell consumers how long they will support a smart product when they buy it. However, we feel that it is necessary to mandate how long different types of products should be supported as a minimum. 
• Consumer rights: If someone owns an insecure smart device, they should be able to argue that it is faulty and then get a refund or replacement as per their legal rights under the Consumer Rights Act 2015. 

Which? testing puts you ahead of the game 

Until PSTI comes into force, there are no mandatory requirements for manufacturers to make your products secure by design. 

So, at Which?, we run a rigorous testing programme to assess the security and privacy protections (or lack thereof) in smart devices we review. 

We are actively testing the security of smart devices in more than 35 different product areas, and are continuing to expand our programme. 

If we find problems in our testing, which happens all too often, we will contact the manufacturer to address them. If these concerns go unheeded, we may hold back a Best Buy, make a product an automatic Don't Buy, and issue our Security Notice, as a clear warning not to buy it.

How to make your smart devices more secure

In addition to using our reviews to choose products, there are things you can do to ensure devices you already own are as secure as possible. 

• Run a tech audit: Review all the smart devices you have connected at home and consider when you bought them, if they are still on sale, and if they have been recently updated. As we've shown, a key issue with older devices is that brands essentially abandon them, and cease supporting them with important updates to guard against threats. 
• Take security measures: For all still supported devices, make sure they are updated to the latest software. If a password is used, ensure it is a strong one that you set yourself. If you can add on two-factor authentication, make sure you do so. 
• Time to upgrade: If a device you own is no longer supported, you should look to upgrade it when you can. It will be a wrench to ditch a product that is still in working order, but it is just not worth taking the risk of it being exploited by a malicious hacker or scammer.   
• Legal rights: If you have a device that’s less than six years old and no longer supported, you could try to argue that you deserve a refund or replacement. Currently, security is not well defined in law, but try contacting the retailer to see if you can make the case that your product is no longer fit for purpose or of satisfactory quality.