With our ever-increasing dependence on technological devices and various sensors that help us park our cars and track our fitness levels, it comes as no surprise that these large collections of electronically stored data could pose a security risk. The Internet of Things, otherwise known as the “
IoT”, describes the transmission of data through the Internet, without any human input.
Part I of this series looked at what the IoT is and the privacy concerns associated with this mass collection of data. As individuals, we may be most concerned about our own privacy, but the companies that produce these devices are concerned with their systems’ overall security.
For many devices used today, a certain amount of personal information needs to be provided for the device or application to function properly. For example, to get more accurate information from fitness trackers, the user often needs to provide details about their height, weight, gender, activity level, and so forth. We’ve already addressed the possible privacy concerns associated with providing this information – selling data to third parties, data falling into the wrong hands, etc. The security concerns focus on who can gain access to this information, and what can we do to prevent it.
In an article by CMS Wire they reported that 80 percent of these devices failed to require adequate passwords, often resulting in users having no or very weak passwords. The same study reported that 70 percent of devices used unencrypted networks for transferring the data. This means that data is being transferred without any form of protection that would keep it from being picked up by the average computer hacker. Other security concerns the study found included the need for improved user interfaces that weren’t so easy to be hacked and the use of encryption when users download updates for their devices. Without this encryption, hackers can gain access to the user’s profile while an update is being downloaded and installed.
The positive side of this is that with all of these security concerns being raised and brought to the forefront, many companies are taking action now to make changes and protect their users’ private information moving forward. In addition to steps being taken by companies producing these devices, a not-for-profit organization has been established known as the Internet of Things Security Foundation (IoTSF). The IoTSF works to raise awareness and provides resources to companies to help them discover the vulnerabilities and flaws in their devices and correct them.
For more information regarding the IoT and the security concerns stemming from the open flow of data among these devices contact Revision Legal’s Internet attorneys through the contact form or call 855-473-8474.
Image credit to Flickr user reynermedia
