As the holiday shopping season gets underway, many consumers will pick up new IoT devices, even though many of those devices might come with security risks.
The Christmas Security Bells are Ringing
The weather has changed, the Christmas bells are ringing, and you may have a security risk wrapped beautifully beneath your tree. As Christmas approaches many of us may be wanting the latest tech gadget or gizmo to add to our collection. As an IT pro, we should be looking closely at the risks vs rewards of any IoT devices out there, but what about the rest of the consumers? If you’d like to help convince your loved one or friend of the severity of the situation – please feel free to share this article!
65% of millennials (ages 25-34) say they don’t take evaluation of security of IoT devices seriously.
Source: KeeperSecurity Survey
Well what’s all the fuss with the latest IoT technology that could present any issues in regards to security?
As per usual, the makers of these products want to get as much data as to their use as possible. This helps them to see how the device is being used, how to improve, and how to create the next best gadget that you’ll want to buy. Sounds harmless right? Wrong.
- IoT devices, and children’s toys in particular can contain:
- Data storage components
- Multimedia capabilities
- Speech recognition
Who’s monitoring your child? You or the maker of their latest and greatest toy or even an unknown party?
Concerned? You should be. All it would take would be a breach of a popular toy and all that information above can be exposed to an unknown individual. This means that while you’re enjoying using your new gadget, or watching your child play with their new Christmas gift, someone’s taken advantage of the IoT nature of the device. Now all of the sudden, someone else is listening in, or watching via a camera, and the GPS coordinates are showing just where you or your child is whenever their with the device.
Now you, as an IT professional, may be wanting to warn others and convince them of the dangers of many of the IoT devices on the market today. It can be said that “if it was such a big deal, surely we would have hard something from law enforcement.” Well if your met with that argument, feel free to share Alert I-071717-PSA a public service announcement dealing with IoT devices, toys in particular from the FBI’s IC3 (Internet Crime Complaint Center).
What to Do
- Research a device before you buy it, look for the following items
- Any known reported security issues
- The device’s internet/connectivity security measures
- If the device stores any data or information that can compromise you or your family
- If the device can receive updates to patch/fix any flaws that may be published
- Turn of the device, and remove batteries when not in use
- Use and connect the device to only trusted Wi-Fi
- Find and change any default passwords
- Always use encryption when connecting to Wi-Fi
- Go the extra mile
- Look for and read any disclosures that list who has access to your data on the device, and what it’s being used for
What do YOU Do?
IT Pro’s – we want to hear from you? If you haven’t created an account with us, please do so and Join the Community
- What do you do with your IoT devices either at home or at work?
- Do you advise your friends or family on IoT devices?
- What’s your feelings overall with IoT and how do you handle them?