Are devices that maintain a keep-alive channel from my network to an external provider safe?
My home business has sensitive client data stored on a file server and there are workstations that access that data.
I have always been concerned about devices and services that maintain a communication channel from my networks to outside services.
So my IP cameras, streaming devices, smart lighting controls, Amazon Echo, etc. that connect to cloud or data-center services are all on a separate network from my business, built with 2 WatchGuard firewalls. All of these devices maintain a persistent connection to an outside provider, keeping an inbound route alive to each device on my network.
I never hear about this as a security issue, but I am not confident.
For example, like many other support providers, I have a ScreenConnectControl server on my business network. This provides a remote access solution for me to access my business clients' computers, based on a ScreenConnect agent running on their individual computers. This and the other mentioned services do not require an inbound policy on whatever firewall they are using. (However, application controls could be used to block the outbound keep-alive attempts, but few businesses bother to configure outbound application controls.)
Generally speaking, are all these keep-alive connections to outside providers safe?
Comments
They are safe, until they are not.
Examples:
- The user/password database from the owning software provider is acquired by some hacker, and then ends up on the dark web.
- A hacker is able to insert remote access into a software update from the vendor.
You may not find out about these breaches until months/years later, and by that time your PCs etc. could have been accessed by hackers.
Security posture is always a balance between ease of access & absolute safety.
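Added example (not from the poster or commenter above, and not a WatchGuard feature): the question notes that these keep-alives never hit an inbound policy, and the comment's point is that the provider end of the channel is what eventually gets compromised. The compensating control a practitioner would actually run is the outbound one the question mentions in passing: pin each device to the provider endpoints it is supposed to use, inventory the long-lived sessions, and flag any session that does not match. The script below does that over a constructed session log in a made-up `src=... dst=... dport=... duration=...` format (real firewall exports differ, so the parser is an assumption), using a hypothetical per-device allowlist with addresses in documentation/test ranges. Names such as `ALLOWLIST`, `audit` and `PERSISTENT_SECONDS` are the example's own.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of firewall session-close records (one per line). The
# addresses are made up (documentation/test ranges), not real devices or providers.
SAMPLE_LOG = """\
2024-03-01T08:00:00 src=10.20.0.11 dst=54.240.0.10 dport=443 duration=86400
2024-03-01T08:00:05 src=10.20.0.12 dst=52.10.0.5 dport=443 duration=3600
2024-03-01T08:01:00 src=10.20.0.12 dst=198.51.100.77 dport=4444 duration=7200
2024-03-01T08:02:00 src=10.20.0.11 dst=54.240.0.10 dport=443 duration=43200
2024-03-01T09:00:00 src=10.20.0.13 dst=203.0.113.9 dport=443 duration=30
"""

# Hypothetical per-device egress allowlist: the provider ranges and ports each
# device is expected to talk to. In practice this comes from the vendor's
# documented endpoints or from a baseline capture of the device's traffic.
ALLOWLIST = {
    "10.20.0.11": {"cidrs": ["54.240.0.0/16"], "ports": {443}},    # IP camera -> vendor cloud
    "10.20.0.12": {"cidrs": ["52.10.0.0/16"], "ports": {443}},     # lighting hub -> vendor cloud
    "10.20.0.13": {"cidrs": ["203.0.113.0/24"], "ports": {443}},   # streaming device -> CDN
}

PERSISTENT_SECONDS = 3600  # sessions at least this long are treated as keep-alive channels

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) duration=(?P<dur>\d+)$"
)


def parse_sessions(log_text):
    """Parse the constructed log format into dicts; lines that do not match are skipped."""
    sessions = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        sessions.append({
            "ts": m["ts"],
            "src": m["src"],
            "dst": m["dst"],
            "dport": int(m["dport"]),
            "duration": int(m["dur"]),
        })
    return sessions


def is_allowed(src, dst, dport, allowlist):
    """True if the device has an allowlist entry covering this destination and port."""
    entry = allowlist.get(src)
    if entry is None:
        return False  # unknown device on the segment: nothing is expected from it
    if dport not in entry["ports"]:
        return False
    dst_ip = ipaddress.ip_address(dst)
    return any(dst_ip in ipaddress.ip_network(cidr) for cidr in entry["cidrs"])


def audit(log_text, allowlist=ALLOWLIST, persistent_seconds=PERSISTENT_SECONDS):
    """Return the inventory of keep-alive channels and the sessions outside the allowlist."""
    persistent = defaultdict(set)  # src -> {(dst, dport)} for long-lived sessions
    unexpected = []                # (src, dst, dport, duration) not covered by the allowlist
    for s in parse_sessions(log_text):
        if not is_allowed(s["src"], s["dst"], s["dport"], allowlist):
            unexpected.append((s["src"], s["dst"], s["dport"], s["duration"]))
        if s["duration"] >= persistent_seconds:
            persistent[s["src"]].add((s["dst"], s["dport"]))
    return {"persistent": dict(persistent), "unexpected": unexpected}


def report(result):
    """Render the audit result as plain text for a daily review or ticket."""
    lines = ["Keep-alive channels (device -> provider endpoint):"]
    for src in sorted(result["persistent"]):
        for dst, dport in sorted(result["persistent"][src]):
            lines.append(f"  {src} -> {dst}:{dport}")
    lines.append("Sessions outside the per-device allowlist:")
    for src, dst, dport, dur in result["unexpected"]:
        lines.append(f"  {src} -> {dst}:{dport} ({dur}s)  <-- investigate")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(audit(SAMPLE_LOG)))
```

On the sample data the lighting hub's second session (port 4444 to an address outside its provider range) is the one that gets flagged, while the camera's day-long session to its vendor range is listed as an expected channel. The same allowlist is what you would turn into the firewall's outbound policy for that segment, so that a device whose provider has been compromised cannot be redirected to a new endpoint without the connection attempt showing up here first.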