Danger (still) lurks in the Internet of Things (IoT)

CES 2016 has come and gone, and even though I didn’t attend (it’s been 15 years since I have), all of the media, both “mainstream” and “tech”, has gushed over all of the new appliances and devices that are now in the category of what we would call the Internet of Things.  Items like home security,  home lighting, and refrigerators, to name a few.

There are many advantages to having connected appliances and devices, but, as I’ve written before (here, and here), there are threats as well.  Threats that can and will be exploited if unsuspecting users don’t secure them.  Last week (1/13/2016), Dark Reading interviewed the CEO of Trend Micro, Eva Chen, and she described some very real concerns, including two “layers” of security that they offer:

The first layer of offering we do is a security API that will provide [a way] to easily do a virtual patch, to prevent a remote attack, for example . . . the third layer is cloud: IoT cannot do anything without the cloud.  Most data is sent to the cloud and you will need to have proper protection and make sure the cloud is always available.

In both situations, users are vulnerable, mostly due to their own apathy.  Users often either don’t know how to patch their own machines (and in this case, devices) or have glanced over how to do it and just don’t bother, or if automatic patching is available, they don’t enable it.  When it comes to cloud computing, most users just assume that if their data is “up there”, the provider will take care of security.

If you really want your refrigerator to automatically create a list of items for you to purchase (e.g., you’re running low on milk) and send that list to your smartphone (via Evernote or some other app), you’re going to have to be responsible for your own security.  If available on your IoT device, enable automatic download of patches and updating of your system.  Don’t configure your IoT device with the default password that it comes with, change it to a secure password (and if you don’t know if yours is secure enough, test it in The Password Meter).  Read the users manual to find out how to enable your device’s security yourself.

You want to see, via wireless home security cameras enabled through the cloud, what’s going on in your house?  Fine.  Just practice the necessary security practices to really keep your home and its data secure.

Leave a Reply

Your email address will not be published. Required fields are marked *