Is this Internet-Connected Toy Safe for Your Child?

Children are more connected today than they have ever been. They have a larger digital footprint than previous generations, usually starting with a birth announcement on social media. And with the release of new “smart” toys every year, it’s no wonder parents are worried about their children’s safety and security. While your smartphone can be somewhat secure, the same can’t be said for Internet-connected toys.

A recent discovery by Rapid7 Inc. found security flaws in children’s toys that have highlighted how badly the toy industry has neglected these problems. These flaws are exposing children to online threats, such as child predators and hackers.

But what’s a parent to do? Internet-connected toys, which ask parents to create personalized profiles for their children, are becoming increasingly popular and are are on many children’s gift lists.

But these toys aren’t all fun and giggles. In November 2015, the VTech database containing information on more than 6 million children was hacked. The hackers accessed both the children’s and parent profiles they were attached to. Names, mailing and email addresses, security questions, answers and passwords were compromised.

Other toys, such as Hello Barbie, have raised security issues. The doll listens to the child’s voice and uses cloud-based voice recognition technology to respond. Parents worry that the WiFi-enabled doll can be hacked and turned into a surveillance device.

Issues with Fisher Price’s Internet-connected stuffed toys and Intel’s GPS smartwatch for children and some LeapFrog products are also on parents’ security radar.

So what can you do to keep your child safe? Here are 5 suggestions to help limit your children’s exposure to breaches:

Limit what data you enter

Most toys don’t need your child’s life story to operate. Chances are, the toy only needs your child’s first name for personalization and their age to serve them appropriate content. If you don’t feel comfortable entering certain information into your child’s toy, don’t do it. Make up fake information if you have to. In most cases, the less information you enter about your child, the more secure the toy will be.

Use Internet-connected toys safely

Children will always want the latest and greatest when it comes to toys. To ensure these devices are being used safely, change any default passwords and keep the software updated. It’s also helpful to only let your child connect to your home WiFi and avoid connecting to public Internet systems.

Use strong and unique passwords

One of the best ways to stay protected is to create a unique password for each site, app or toy your child has. Try not to use any identifying information, such as names or birthdays, in the passwords. Also, keep the passwords to yourself. Enter them in for your children instead of having them do it.

Opt for unconnected toys

There are many great toys that don’t require Internet connectivity. Toys such as dolls, toy cars and trucks,Lego sets and stuffed animals are all fun, engaging toys that don’t use WiFi or need passwords to be safe.

Another option is to download kid-safe games on your smartphone. There are many apps and games that allow children to play interactive games, but also block them from accessing other areas of parent’s phones.

Monitor screen time

If your child can’t live without their Internet-connected toy, monitor their screen time. Make sure they aren’t accessing unsafe websites or entering secure information. Turning the toys off when they are finished playing and keeping the toys out of their bedrooms also adds an extra layer of security.

Need more information?

SACS Consulting and Investigative Services Inc. offers cybersecurity training and electronic security to help keep your family safe and secure. Call 330-255-1101 to talk to one of our security experts and learn about our other safety training topics.