As the holiday shopping season gets underway, many consumers will pick up new IoT devices, even though many of those devices might come with security risks.

The Christmas Security Bells are Ringing

The weather has changed, the Christmas bells are ringing, and you may have a security risk wrapped beautifully beneath your tree. As Christmas approaches many of us may be wanting the latest tech gadget or gizmo to add to our collection. As an IT pro, we should be looking closely at the risks vs rewards of any IoT devices out there, but what about the rest of the consumers? If you’d like to help convince your loved one or friend of the severity of the situation – please feel free to share this article!

65% of millennials (ages 25-34) say they don’t take evaluation of security of IoT devices seriously.
Source:  KeeperSecurity Survey

Well what’s all the fuss with the latest IoT technology that could present any issues in regards to security?
As per usual, the makers of these products want to get as much data as to their use as possible. This helps them to see how the device is being used, how to improve, and how to create the next best gadget that you’ll want to buy. Sounds harmless right? Wrong.

  • IoT devices, and children’s toys in particular can contain:
    • Sensors
    • Microphones
    • Cameras
    • Data storage components
    • Multimedia capabilities
    • Speech recognition
    • GPS

Who’s monitoring your child? You or the maker of their latest and greatest toy or even an unknown party?

Concerned? You should be. All it would take would be a breach of a popular toy and all that information above can be exposed to an unknown individual. This means that while you’re enjoying using your new gadget, or watching your child play with their new Christmas gift, someone’s taken advantage of the IoT nature of the device. Now all of the sudden, someone else is listening in, or watching via a camera, and the GPS coordinates are showing just where you or your child is whenever their with the device.

Warnings

Now you, as an IT professional, may be wanting to warn others and convince them of the dangers of many of the IoT devices on the market today. It can be said that “if it was such a big deal, surely we would have hard something from law enforcement.” Well if your met with that argument, feel free to share Alert I-071717-PSA a public service announcement dealing with IoT devices, toys in particular from the FBI’s IC3 (Internet Crime Complaint Center).

What to Do

  • Research a device before you buy it, look for the following items
    • Any known reported security issues
    • The device’s internet/connectivity security measures
    • If the device stores any data or information that can compromise you or your family
    • If the device can receive updates to patch/fix any flaws that may be published
  • Turn of the device, and remove batteries when not in use
  • Use and connect the device to only trusted Wi-Fi
  • Find and change any default passwords
  • Always use encryption when connecting to Wi-Fi
  • Go the extra mile
    • Look for and read any disclosures that list who has access to your data on the device, and what it’s being used for

What do YOU Do?

IT Pro’s – we want to hear from you? If you haven’t created an account with us, please do so and Join the Community

  • What do you do with your IoT devices either at home or at work?
  • Do you advise your friends or family on IoT devices?
  • What’s your feelings overall with IoT and how do you handle them?

Source: Consumers Want IoT Toys Regardless of Security, Survey Finds

IoT Security Not on the list this Christmas
Tagged on:     

Notable Replies

  1. In my opinion, it’s all about if you trust the manufacturer of your device and has the device you bought have reputable reviews by trustworthy reviewers. Personally, I own 3 Google Home smart speakers, an Xbox One X with a Kinect and a Google Pixel 2 XL, an Nvidia Shield Tablet, an Amazon Fire tablet, an Amazon Fire TV Stick, and a Google Chromecast. All these devices are connected to the Internet. They are all collecting data about me and what I like. Now some people would say, Eric, you’re not wise to use all these devices especially if they are always listening for a trigger word that would then send information to Google, Microsoft, or Amazon. However, I view it as a trade off. Yes, I am giving up a lot of privacy by using all these Internet connected devices, but I am gaining a TON of convenience and I’m getting the best recommendations and suggestions for content and services that I am actually interested in. My ads are more relevant than ever before. People may think I’m crazy, but I’d rather have personalized targeted ads for products and services I actually use than have generalized ads for products and services I’ll never use such as beer or credit cards. I haven’t invested in many smart appliances or smart light bulbs yet, but I personally am very excited for new smart Internet connected devices that make our lives easier. I agree though that people should do their research and only buy devices from manufacturers that they trust.

  2. I completely agree, it’s a trade off for sure. You bring up a good point about manufacturer trust and for certain devices I agree. What gets me is the areas where it can get out of control. SmartTVs that keep their cameras and on and could be listening. Toys that contain GPS, I think the data collection in some areas is a little out of control, bordering on spying. There’s a court case right now that will determine if the government has the right to access and use Google collected information about you without a warrant. It’s one thing if “usage data” is collected by a manufacturers, it’s quite another if the government or some bad actor gets a hold of it. Data privacy and security especially for consumer devices should be a stronger focus.

Continue the discussion community.aitassociation.com

Participants

%d bloggers like this: