We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies. You can understand more and change your cookies preferences here.

Technology.

Security and smart devices: how to protect your smart home from hackers

From protecting your smart home and IoT devices against hackers to buying a product that lasts, factoring security into a smart tech purchase has never been more important
Andrew Laughlin
Android phone receiving updates

When you buy and share data with an internet-connected smart device, such as a smartphone or internet router, you obviously want to be assured that your data will be protected. 

That requires robust design with security in mind, and long-lasting support to protect against hackers and cyberthreats. 

Sadly we know from our security testing that neither of these are guaranteed, and that far too many brands are abandoning devices too soon after launch. 

Unique Which? tools and advice can help you make a smart device purchase from a brand you can trust, and that'll have your back in years to come.


Tech tips you can trust – get our free Tech newsletter for advice, news, deals and stuff the manuals don’t tell you.


Why does smart device security matter?

Security isn’t always front of mind when tech brands release new products. Over the years we’ve shown exactly how big a problem this can be with a wide range of investigations, including:

  • In 2021, we showed how a smart home can be at risk from hackers at a massive scale, creating a dummy home full of smart devices in a test environment that saw over ten thousand hacking attempts in just a week.
  • We’ve demonstrated how online marketplaces could be flooded with insecure smart products, after over 1,800 individual smart products were discovered on Amazon, eBay and AliExpress, including smart doorbells, wireless cameras and tablets, that could pose a risk to your security and privacy.
  • In 2022, we put big brand tech to the test to show how inadequate support periods can leave consumers vulnerable to threats, as our ethical hackers successfully compromised popular devices like a Philips Smart TV, Nest smart doorbell, Samsung Galaxy phone, and Amazon Echo speaker.

Avoiding these risks involves well designed products with robust security, and a commitment to support these devices for a long enough period of time.

Smart TV showing an update screen

How long do popular tech brands support products?

It’s natural to want to buy a product that lasts – and in the case of smart devices, this needs to include support and updates from the manufacturer to protect against emerging threats.

We contacted over 100 smart device brands to ask how long they will support their products with important security updates, but only 28 were willing to state a clear support period. In most cases, this information is not easily available to consumers.

So you can make a smart device purchase with your eyes open, we've covered off the support policies of all the major brands in our buying guides. Use the links below to read more information about these for products you're interested in, and check back as we add more. 

  • Smartphones – brand support for phones can vary from two years to over six.
  • Smart TVs – TV support varies from eight years to two, which is far from enough.
  • Soundbars – like TVs, some soundbar brands need more clarity and better support.
  • Smart speakers – big brand smart speakers offer around five years of support.
  • Smart doorbells – upwards of five years with some brands, but many refused to confirm.
  • Smart security systems – Amazon, ERA and Yale were the only brands to commit.
  • Wireless cameras – a range of brands offer five years or more, but one offers just two.
  • Smartwatches – support is fairly short for most smartwatch brands.
  • Fitness trackers – fitness tracker brands rarely guarantee more than two years.
  • Smart dishwashers – many offer over 10 years, but one brand could be less than three.
  • Robot vacs – only one manufacturer of robot vacs came clean on support policies.
  • Set-top boxes– from three years after discontinuation to five years from sale.

Router in a home

Unique tools and advice to help you stay safe and buy smarter

At Which?, we put security at the heart of our smart device tests, and have created a range of tools to help you check how long a device you own - or are considering buying - will last in terms of software updates:

  • Mobile phone support calculator – discover the update policies of big brands such as Apple and Samsung. You can also head to our mobile phone reviews and filter results to models that will remain supported for at least another 2, 3, 4 or 5 years.
  • Tablets and iPads – use our tool to discover whether a tablet you own is still supported, or how long a range of popular models have left.
  • Wireless routers - find out how long is left support-wise for your internet router, and whether you're safe to keep using an older router in the home.
  • Windows 11 compatibility – Windows 10 loses support in 2025. Make sure you future-proof by using our tool to check for Windows 11 compatibility.
  • Chromebook expiry dates – find out when a Chromebook will stop receiving updates with our free, searchable tool.

Tech brands need to up their game

We rely on companies to support products for as long as possible, to a high enough standard, and also to communicate this clearly to their customers. 

Following years of campaigning by Which?, the government has now introduced the Product Security and Telecommunications Infrastructure (PSTI) Bill. Among various security requirements for smart products, companies will have to be transparent with you about how long they will support smart products when you buy them. 

Which? is broadly supportive of the Bill, but feels it could go further in three key areas:

  • Online marketplaces: previous Which? research has shown that many insecure products are sold via marketplaces, listing sites and auction sites, so the legislation must effectively cover everywhere that consumers buy smart products. 
  • Update support minimums: the legislation makes it law that manufacturers must tell consumers how long they will support a smart product when they buy it. However, we feel that it is necessary to mandate how long different types of products should be supported as a minimum. 
  • Consumer rights: If someone owns an insecure smart device, they should be able to argue that it is faulty and then get a refund or replacement as per their legal rights under the Consumer Rights Act 2015. 

Which? testing puts you ahead of the game 

While you might expect any smart device you buy to have your privacy and security top of its list of priorities, we've shown that this isn't always the case.

Until the PSTI Bill comes into force, there are no mandatory requirements for manufacturers to make your products secure by design. 

So, at Which? we run a rigorous testing programme to assess the security and privacy protections (or lack thereof) in smart devices we review. 

We are actively testing the security of smart devices in more than 35 different product areas, and are continuing to expand our programme. 

If we find problems in our testing, which happens all too often, we will contact the manufacturer to address them. If these concerns go unheeded, we may hold back a Best Buy, make a product an automatic Don't Buy, and issue our Security Notice, as a clear warning not to buy it.

Password-managers

How to make your smart devices more secure

In addition to using our reviews to choose products, there are things you can do to ensure devices you already own are as secure as possible. 

  • Run a tech audit: Review all the smart devices you have connected at home and consider when you bought them, if they are still on sale, and if they have been recently updated. As we've shown, a key issue with older devices is that brands essentially abandon them, and cease supporting them with important updates to guard against threats. 
  • Take security measures: For all still supported devices, make sure they are updated to the latest software. If a password is used, ensure it is a strong one that you set yourself. If you can add on two-factor authentication, make sure you do so. 
  • Time to upgrade: If a device you own is no longer supported, you should look to upgrade it when you can. It will be a wrench to ditch a product that is still in working order, but it is just not worth taking the risk of it being exploited by a malicious hacker or scammer.   
  • Legal rights: If you have a device that’s less than six years old and no longer supported, you could try to argue that you deserve a refund or replacement. Currently, security is not well defined in law, but try contacting the retailer to see if you can make the case that your product is no longer fit for purpose or of satisfactory quality.