How To Secure Your Personal Data In The Internet Of Things

By Nadia Kovacs, Marketing Communications Specialist and Content Writer, Symantec

2015 is shaping up to be the year of the Internet of Things (IoT). According to a study conducted by Gartner, there will be approximately 4.9 billion connected devices in use in 2015. This number has climbed 30 percent since 2014, and is forecasted to reach 25 billion by 2020. However, this trend also has security experts and consumers highlighting privacy issues that come along with the convenience of Internet connected devices.

When discussing these issues with the Financial Times, Jeff Greene, senior policy counsel at cyber security company Symantec, and co-chair of the NSTAC task force, says internet-connected devices are creating new vulnerabilities for cyber criminals to exploit.

“We have created a whole new playground for attackers to dream up things to do — whether it is nuisance, whether it is theft, or whether it is violence.”

The FTC recently released a report on the Internet of Things that warns devices could be used to harvest huge amounts of personal information. The report focuses on data privacy and best practices for businesses storing and collecting Internet of Things data. It also outlines a variety of potential security issues that can be exploited, such as enabling unauthorized access and misuse of personal information. While IoT technology is still fairly new, significant risks are already starting to emerge with these devices. So, what can you do to protect yourself?

The Connected Human Being and Protecting Personal Privacy

There are a plethora of wearable devices in the market today that have the ability to track a myriad of things about our bodies, our locations, how many steps we’ve taken and where, what our heart rate is, blood pressure and more. Most of these devices come with GPS sensors, motion sensors, Bluetooth, and Wi-Fi. However, in order to crunch the data these devices collect, they usually need to connect to an application that stores personal information, such as your full name, birth date, sex and where you live. This sensitive information would be dangerous were it to fall into the wrong hands. It can help aid cybercriminals in cyberstalking, identity theft and even burglaries.

How To Keep Your Personal Information On Lockdown:

1. Do not include any personally identifying information in your wearable device. Instead of using your real name as your alias, try to think of something that helps motivate you or amuse you.
2. Choose a unique, complex password for your device.
3. Turn off Wi-Fi and Bluetooth when not needed for data synching purposes.
4. Be aware of the data the app collects. Closely examine the privacy policy and permissions in the app. This should give a clearer picture of what the app intends to collect and what it will do with that information.
5. Use caution when using the social sharing features of these devices. Sometimes they can give away your precise location of when and where you are working out.

Connected Cars – Just How Secure Are They?

While we’re still a long way away from self-driving cars, automakers are teaming up with developers to launch cars with fully integrated smartphone capabilities and even their own Wi-Fi hotspots. Services and applications can be connected in a vehicle through mobile devices that connect to the car via Wi-Fi and Bluetooth. These new systems, dubbed “Infotainment,” are independent from the automobiles’ mechanical computer systems. Luckily, according to a study published by the University of California, San Diego, vehicles themselves are difficult to hack.

It’s the smartphone, not the car that becomes the more attractive target to the cybercriminal. When using apps that connect to the car, it is very important to be mindful of the data these apps choose to collect, store and transmit. For example, if a navigation application requests to access something out of the ordinary, such as your email application on your phone or any other apps that do not seem conducive to the application’s functionality, you may want to investigate the app permissions before using the app with your car.

Keeping Your Personal Information Secure:

1. Secure your smartphone, as it is most likely the Infotainment hub for the vehicle. Lock your phone with a strong password or PIN, do regular software updates when available to patch vulnerable security holes, and install mobile security software as an extra layer of security.
2. Turn off Wi-Fi, Bluetooth and NFC when not in use, as these are virtually open connections to your phone and your car.
3. Do not use the same passwords across multiple applications and devices.
4. Only visit certified repair centers. Dishonest automotive shops can inject malware into the computer system, steal data and even trigger false maintenance alerts.
5. If installing aftermarket car parts, first verify them with your car dealer to make sure they are safe and compatible with the car’s systems.

The Connected Home- Convenience vs. Privacy

The goal of the connected home is to automate daily tasks and make life more convenient. Automating tasks such as lighting adjustments, locking doors and even pre-heating ovens help users go about their daily tasks with ease and little afterthought. However, all of these devices usually have a smartphone application that is used as the interface for the device. These apps tend to collect data about your daily usage habits at home, and coupled with all of the additional information stored on your smartphone, it becomes a repository of just about every aspect of your daily life.

Some of these new technologies are not difficult to hack, and since the hub of the connected home is the smartphone, and the delivery method is your Wi-Fi, securing these two technologies are your first line of defense on the threat landscape.

Secure Your Home Network:

1. Change all default usernames and passwords on all devices connected to your network.
2. Enable Wi-Fi protected access if available, which creates a secure network via encryption.
3. Activate firewalls on your computer and wireless router.
4. Use a comprehensive security software suite on your computer to help detect threats on the network.
5. Use a strong, secure and unique password for your wireless network.