Basically, IoT is about connecting devices over the Internet, allowing them to talk to us, applications, and each other.
Where it’s most common is home heating and energy use –they have clever functions that let you turn on heating remotely, set it to turn down the temperature if it’s a sunny day, or even turn off when there’s no-one home. Some can tell the latter with motion-sensing cameras, or simply by seeing that your smartphone (and therefore you) has left the premises.
IoT is more than smart homes and connected appliances, the principal can be scaled up to include almost any task. Software monitors when something needs doing and alerts the user that they need to do something, for example, smart bins that signal when they need to be emptied. (source: Guardian.com)
All new systems have teething problems and security and privacy are the biggest challenges for IoT. All these devices and systems collect a lot of personal data about people and it’s shared with other devices and held in databases by companies.
As the internet of things (IoT) develops and this new concept becomes more readily available, security and privacy issues must be given thoughtful consideration before introducing this technology in your office or home.
The internet of things (IoT) launched last year, and companies like Google and Amazon have both launched platforms which allow customers to use this revolutionary concept. There have been multiple predictions which declare that there will be at least tens of billions of connected devices by 2020.
Hackers haven’t put much attention to IoT yet likely because there’s not enough people using it to make it worth the effort but as soon as there is financial benefit you can assume that a cyber criminal will be working on it.
As more devices are connected, the concerns around privacy and security increase. Concerns such as data theft or how corporations can access your private data. Some of the biggest issues which consumers and businesses need to consider before connecting their devices are discussed below:
The main issue with IoT is that adding more devices to your network, increases the workload for your network’s firewall. Historically, most people only had to worry about protecting their computer, now with the IoT the number of devices which require protection is much higher. Because there are so many devices that can be hacked, that means that hackers can accomplish more.
You have probably heard stories in the news of hackers accessing CCTV or unlocking cars remotely, but hackers could use even seemingly unimportant devices like baby monitors or your thermostat to uncover private information or just cause problems.
The point is that we have to think about what a hacker could do with a device if he can break through its security.
As the Internet of Things becomes more popular, we must worry about the increased number of devices which require protection. But even if you start taking security seriously, the device manufacturers are not as stringent. One problem is that companies do not update their devices enough or at all. This means that an IoT device which was safe when you first bought it can become unsafe over time as hackers discover new vulnerabilities.
Computers used to have this problem, but automatic and easier updates have helped alleviate this problem. However, if companies are rushing to get devices launched, security could be compromised. Even if firmware updates are offered for a time, they often stop when they focus on creating the next new device, leaving customers with slightly outdated hardware that can become a security risk.
Hackers are distressing but they are not the only threat to the Internet of Things. In fact, the corporations which create and distribute interconnected devices could also use these devices to obtain personal data, particularly dangerous when they are used for money transfers.
For example, consider how BP have distributed Fitbits to their employees so that they can track their health and thus get lower health insurance premiums. Even if we ignore the worrying idea of workers’ health being monitored around the clock, there is the question of what happens to the data they’ve gathered? Which raises issues regarding our individual privacy rights.
The best solution is for customers to take time to read any agreements before signing them when they purchase a new device. Also, to try and find out what the manufacturer of the device’s privacy policies are in relation to protecting data and keeping it safe. This should be made easier with the introduction of GDPR, (what is GDPR?)if an organisation is collecting your personal data they must tell you why they need it and how they will keep it safe. Privacy policies should be readily available on supplier websites. This might mean refusing to use certain IoT devices but said device may not be worth the privacy trade-off.
Computers have automatic updates partly because most users would forget to carry them out. When you consider the increase in the number of devices, this issue will likely get worse.
While tech companies and the government are taking the IoT security threat more seriously, the first line of defence in your home is you. This means taking the time to think about how IoT devices could be used against you as well as going over their security features. For example, an IoT device from a smaller, less established company may be cheaper, but if that smaller company goes out of business there is no one around to patch its vulnerabilities.
IoT boasts opportunity, but the security risks cannot be ignored whether it is from hackers or big corporations. Above all else, the best remedy is to consider the potential risks of installing connected devices and doing your research.
If you’re considering connecting your devices, but you’re not sure if you have sufficient security measures in place the best thing to do is to speak to your IT provider. They will be able to provide advice on the correct measures to put in place to ensure the correct level of protection.
If you would like to discuss this further Genesis can help, call us 01482 210999 or email [email protected].