Pay attention to your IoT Device Security

Wow cool! A device that lets you know, via Internet, when your milk is beginning to sour! And a connected thermostat—turning the heat up remotely an hour before you get home to save money…and “smart” fitness monitors, baby monitors, watches…

Slow down. Don’t buy a single smart device until you ask yourself these 10 questions. And frankly, there’s a lot of effort in some of these questions. But, security isn’t always easy. Check it out.

  • Was the company ever hacked? Google this to find out.
  • If so, did the company try to hide it from their customers?
  • Review the privacy policies and ask the company to clarify anything—and of course, if they don’t or are reluctant…hmmm…not good. Don’t buy a device that collects data from vendors that fail to explain data security and privacy.
  • Does the product have excellent customer support?
  • Is it hard to get a live person? Is there no phone contact, only some blank e-mail form? Easily accessible customer support is very important and very telling of the product’s security level.
  • Does the product have vulnerabilities that can make it easy for a hacker to get into? You’ll need to do a little digging for this information on industry and government websites.
  • Does the product get cues for regular updates? The manufacturer can answer this. Consider not buying the device if there are no automatic updates.
  • Does the product’s firmware also automatically update? If not, not good.
  • Is the Wi-Fi, that the device will be connected to, secure? Ideally it should be WPA2 and have a virtual private network for encryption.
  • Will you be able to control access to the product? Can others access it? If you can’t control access and/or its default settings can’t be changed…then be very leery.
  • What data does the device collect, and why?
  • Can data on the device traverse to another device?
  • Ask the gadget’s maker how many open ports it has. Fewer open ports means a lower chance of malware slithering in.
  • Is stored data encrypted (scrambled)? If the maker can’t or won’t answer this, that’s a bad sign.
  • Ask the manufacturer how the device lets you know its batteries are low.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Votes: 0
E-mail me when people leave their comments –

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead