Given that the Internet of Things (IoT) can produce tremendous amounts of data, security is a major concern. In addition to the initial creation of the data on an individual device, data is sent to centralized systems that collect and store it for future use. Although the data provided by IoT devices is certainly valuable to companies, it’s crucial to understand how the data is stored over time— and what consequences could come from a security breach.
Smart Device Security
Although home-based smart devices can be convenient, their sensors are able to gather highly sensitive information including audio recordings, as well as other records of what you do in your home. For example, a 2020 study of video doorbells done by Consumer Reports found a number of security gaps. Out of the 24 doorbells tested, none received an Excellent rating. At the time of testing, many of the models lacked two-factor authentication, among other issues.
Sharing Data With Third Parties
When personal data produced by IoT devices is then shared with third party companies, cyber security risks multiply. In order to address the increased risk, a research report by Ponemon Institute states that new strategies beyond traditional network firewalls and anti-malware software are needed to protect the IoT ecosystem. It is critical for an organization to ensure its third party partners are working to mitigate risks and maintain adequate control of the various data sources they manage.
Adequate security controls include:
- Strong authentication
- Network controls limiting access to data
- A response plan in place for security incidents
- Monitoring for unusual and/or suspicious behavior
- Data encryption
- And more
Are You Prepared?
Forecasts estimate 50 billion IoT devices will be in use globally by 2030. In turn, that growth will dramatically increase the amount of personal data produced by IoT devices. As adoption of the technology grows, the public will expect more robust security standards protecting their personal data.
In an effort to further educate technical professionals on the importance of data privacy, IEEE has partnered with the International Association of Privacy Professionals (IAPP) to provide the IEEE | IAPP Data Privacy Engineering Collection to organizations. This unique training program provides tools that allow the technical workforce to implement policies and processes for designing products that take ethical personal data use into consideration right from the start. Contact an IEEE Account Specialist today to learn more.
Plus, download this infographic from IEEE to discover ways how your organization can tackle data privacy regulations!
If you’re looking to improve your understanding of the Internet of Things, IEEE has also combined IoT educational materials with the latest research and development to create the two learning pathways of the IEEE Academy on the Internet of Things.
- IEEE Academy on Internet of Things (IoT): Communications Standards
Communication technology is an essential part of the Internet of Things as it allows devices to interconnect. This learning path covers the basic principles of communication technology and practical usage of standardized communication. Learn more.
- IEEE Academy on Internet of Things (IoT): Computing Platforms
IoT computing platforms are essential to the development and deployment of IoT applications. This learning path covers all these aspects by providing an overview of the current state-of-art and future trends on computing platforms for IoT applications. Learn more.
Tanner, Jones. (5 December 2021). IoT Vulnerabilities: IP Cameras Most Insecure IoT Device. Medium.
Wroclawski, Daniel. (13 August 2020). Data Security and Privacy Gaps Found in Video Doorbells by Consumer Reports’ Tests. Consumer Reports.
Mendoza, N.F. (12 June 2020). Report: Most Companies Unaware of Third-Party IoT Security Measures. TechRepublic.
Ranger, Steve. (3 February 2020). What is the IoT? Everything You Need to Know About the Internet of Things Right Now. ZDNet.
Palmer, Danny. (18 October 2017). Security Flaws in Children’s Smartwatches Make Them Vulnerable to Hackers. ZDNet.
(May 2017). The Internet of Things (IoT): A New Era of Third-Party Risk. Ponemon Institute and The Santa Fe Group.
McFadin, Patrick. (March 2015). Internet of Things: Where Does the Data Go? Wired.