from Why device security is up to the user
by Anasia D’mello
More devices mean more susceptible connections from server to receiver. While that might be a cynical view, it is a factual one. Smart doorbells with face recognition, pet tech with microphones, Teslas with cameras: devices are only becoming more widespread but, generally speaking, not improving when it comes to security.
Internet of Things devices have the ability to capture many data points about users and it is this fact which makes their hackability all the more worrying. Further, the varying data rights of global citizens means that IoT eyes are everywhere with little legal oversight. Let’s explore what security means in the age of internet-connected devices and what must be done to ensure it, says Carsten Rhod Gregersen, CEO and founder of Nabto.
It is hard to escape the fact that security standards vary between vendors and devices. Most jurisdictions do not have regulated device standards, therefore leaving it up to device makers and users to put protections in place.
This is necessary because device fallibilities are widely known. For example, Russian hackers used printers, video decoders, and other connected devices to penetrate targeted computer networks, Microsoft officials warned in August.
Further, medical devices have even been threatened by poor security standards. In 2017, The Food and Drug Administration announced the discovery of a serious vulnerability in implantable pacemakers. The vulnerability targetted the transmitter that pacemakers used to communicate with external services, meaning hackers could theoretically alter its functioning, deplete the battery, and administer potentially fatal shocks.
Onus on the user
It is not acceptable that many modern devices do not come loaded with appropriate security safeguards. This is especially important as such devices continue to play growing roles in modern life, from smart homes to security cameras and gaming consoles. The homes and lives of today are connected and must be adequately protected.
The bottom line is that if you have a connected device, it needs protection. Personal information is not easy to get back once it is gone. The only way to ensure this happens is to shift the onus of protection from company to user, and this is why it is important to have a defence plan for personal devices.
Protecting what’s yours
Both device creators and lawmakers have proved slow to move on device security protections. Default passwords and weak security systems simply are not good enough when it comes to devices which collect countless user data points. While Europe has attempted to data rights through its General Data Protection Regulation, the same cannot be said for the United States. Data rights vary widely from state to state with little federal movement on the horizon, creating an uneven legislative playing field across the country.
This means users – no matter their level of computational ability – are the ones who must act to ensure their data stays safe. This is the only certain way to make sure data travels from server to receiver without interception. So, what must users do?
Users are best advised to inspect their default settings. […]
The post Why device security is up to the user appeared first on IoT Now – How to run an IoT enabled business.