Community

Join the Community

22,192
Expert opinions
44,256
Total members
394
New members (last 30 days)
213
New opinions (last 30 days)
28,728
Total comments
Join Sign in

Pay attention to your IoT Device Security

  2 Be the first to comment
Robert Siciliano
Robert Siciliano
Security Analyst
Safr.me
Location
Boston
Followers
8
Opinions
846
Unfollow

Wow cool! A device that lets you know, via Internet, when your milk is beginning to sour! And a connected thermostat—turning the heat up remotely an hour before you get home to save money…and “smart” fitness monitors, baby monitors, watches…

Slow down. Don’t buy a single smart device until you ask yourself these 10 questions. And frankly, there’s a lot of effort in some of these questions. But, security isn’t always easy. Check it out.

  • Was the company ever hacked? Google this to find out.
  • If so, did the company try to hide it from their customers?
  • Review the privacy policies and ask the company to clarify anything—and of course, if they don’t or are reluctant…hmmm…not good. Don’t buy a device that collects data from vendors that fail to explain data security and privacy.
  • Does the product have excellent customer support?
  • Is it hard to get a live person? Is there no phone contact, only some blank e-mail form? Easily accessible customer support is very important and very telling of the product’s security level.
  • Does the product have vulnerabilities that can make it easy for a hacker to get into? You’ll need to do a little digging for this information on industry and government websites.
  • Does the product get cues for regular updates? The manufacturer can answer this. Consider not buying the device if there are no automatic updates.
  • Does the product’s firmware also automatically update? If not, not good.
  • Is the Wi-Fi, that the device will be connected to, secure? Ideally it should be WPA2 and have a virtual private network for encryption.
  • Will you be able to control access to the product? Can others access it? If you can’t control access and/or its default settings can’t be changed…then be very leery.
  • What data does the device collect, and why?
  • Can data on the device traverse to another device?
  • Ask the gadget’s maker how many open ports it has. Fewer open ports means a lower chance of malware slithering in.
  • Is stored data encrypted (scrambled)? If the maker can’t or won’t answer this, that’s a bad sign.
  • Ask the manufacturer how the device lets you know its batteries are low.

 

 

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

3522
 

Share

2
2
 
 
 

Channels

/security

Comments: (0)

Robert Siciliano
Robert Siciliano
Security Analyst
Safr.me
Member since
04 Feb 2009
Location
Boston
Followers
8
Following
0
Opinions
846
Unfollow

Six Websites to Fortify Your Identity To Protect You From Fraud: A Comprehensive Guide

The Ultimate Guide to Passwords, Password Managers, Two Factor and Passkeys

Your Social Security number IS in the Hands of Criminals

Most Security Awareness Training is Insufficient and Should Lead to Consequences

AI Spoofed Sites Lead to $50 Million Investment Scams

See all Opinions from Robert

More expert opinions

Andrew Ducker

Andrew Ducker Payments Consulting at Icon Solutions

Commercial Variable Recurring Payments (cVRP) and the implications for banks

Anton Roe

Anton Roe CEO at MHR

Driving UK growth in 2025: Big steps to stimulate business productivity

Adam Pemberton

Adam Pemberton Senior Digital Marketing Executive at Planixs

Is your LCR (Liquidity Coverage Ratio) fit for purpose?

Konrad Litwin

Konrad Litwin Global General Manager - Testing at Perforce Software

Getting banking websites and apps ready for peak traffic over the holiday season

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,192
Expert opinions
44,256
Total members
394
New members (last 30 days)
213
New opinions (last 30 days)
28,728
Total comments
Join Sign in

Trending

Boris Bialek

Boris Bialek Vice President and Field CTO, Industry Solutions at MongoDB

Enhancing Digital Banking Experiences with AI

Kathiravan Rajendran

Kathiravan Rajendran Associate Director of Marketing Operations at Macro Global

Strategy that Banks should consider in 2025 to outpace fintechs and MTOs in Cross Border Payments

Barley Laing

Barley Laing UK Managing Director at Melissa

Reducing the impact of AI-driven fraud in 2025

Scott Dawson

Scott Dawson CEO at DECTA

SMEs, AI and PSD3 – Everything You Need To Know About What’s Coming in 2025

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept