What It Takes for Security in the Internet of Things

By on Jun 29, 2016

The next time you buy a car, chances are, it’ll be connected to your phone. Maybe your next refrigerator, thermostat, or child’s toy will be similarly integrated. And it may happen sooner than you realize: analysts believe 50 billion devices will be connected to the internet by 20201. But that prediction may not last. A new report by Accenture, Igniting Growth in Consumer Technology, has found that most people are uncomfortable with IoT (Internet of Things) products, particularly due to cybersecurity concerns.

The Accenture report reveals that 47 percent of consumers identified privacy and security risks as a major drawback of IoT products. Cybersecurity is certainly playing a critical role in IoT adoption, or lack thereof. According to the report, these concerns have caused 37 percent of respondents to be cautious about their use, 24 percent to delay purchasing devices, and 18 percent to stop using products they’ve already bought. Let me put it this way: if you happened to ask five random strangers on the street, four of them would say they worry about IoT safety.

The fact that IoT security may be lacking is, of course, bad news, but it’s great to see people so well-educated on the topic. Perhaps they’ve read any of the numerous stories on IoT hackings and vulnerabilities over the past year. Though there’s certainly an element of sensationalism in many of these reports, the truth is, real concerns exist for IoT devices. Any omnipresent item in our living spaces, where we typically have a strong expectation of privacy, requires a high degree of trust—which companies must earn by the quality and safeguards of their connected products.

Some organizations have stepped up to this challenge. Others haven’t. Take a previous incident with baby monitors, reported by Forbes. A group of researchers discovered and reported vulnerabilities in a set of baby monitors (in the respective company’s community forum, no less), but the manufacturer took no action. In fact, Sergey Shekyan, who discovered the security gaps, originally wanted to test the security of the device because he believed “a camera cannot do all this for $40 and do it right.” Unfortunately, he was correct. Cybercriminals exploited those holes in security, spying on sleeping babies via webcam.

Naturally, people are right to be indignant about companies that don’t take security seriously. As IoT products become more common, we as consumers have to raise our security standards. After watching this market grow, and closely monitoring the highs and lows along the way, it seems clear that there are two necessary changes to reach the era of safe IoT. First, businesses need to prioritize user safety and build secure products by incorporating security controls and privacy settings into their design; second, consumers should know best practices for purchasing and maintaining security of IoT devices.

Here are some tips for you to consider before purchasing or enabling an IoT device:

  • Research the product’s security track record. We’re in the early days of IoT and safety gaps will surely be discovered. Before buying a product, see if it, or the company offering it, has had issues in the past. A quick Google search can even do the trick. You can also search on the Federal Trade Commission’s website for prior enforcement actions. By doing your research, you may find some companies ignore their product’s security issues, while others are more proactive.
  • Take advantage of security settings. Some devices will offer advanced configuration, and you should make the most of them. Certain IoT products may offer separated networking, similar to a guest Wi-Fi network alongside your main connection. That’s just one feature—more may come with other products.
  • Keep current on the latest IoT threats. It’s easier for cybercriminals to break into old, outdated software. Update device software and use anti-virus or monitoring tools whenever possible, and always keep an eye out for any news that may affect your IoT security.

 

gary

 

 

 

 

 

Footnotes

1. Cisco Global Cloud Index: Forecast and Methodology, 2013–2018 (white paper)

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs