Light Dark
April 22, 2016 By David Strom 2 min read
Data Protection

A recent study sponsored by Intel Security called “Internet of Things and the Smart Home” showed just how much people value their personal data. The study was conducted in July 2015 by Vanson Bourne and collected information from 9,000 consumers.

Everyone has their price, and in this survey of consumers in nine different countries, a majority of respondents indicated they might be willing to share their personal data collected from their smart home with companies in exchange for money. Notably, 70 percent agreed companies should give coupons and discounts to customers in return for data about device usage. That is somewhat depressing.

The Personal Data Disconnect

Here is the disconnect: 92 percent of those surveyed were very concerned about their smart home data being hacked by cybercriminals, even though many were looking forward to living in a smart home.

“Security has to be foundational to the Internet of Things, and when done right, it can be an enabler of IoT,” said Steve Grobman, the chief technology officer for Intel Security, in a statement.

That’s the problem: It is rarely done correctly. While the market for smarter home-based devices such as thermostats, security monitors and safety equipment is booming, few consumers have considered the information security aspects of these devices or what personal data they can collect.

Many of these devices have open IP ports or simple default administrative credentials that leave backdoors cybercriminals can easily exploit. Computerworld reported on an HP study that found 10 different IoT-connected home devices such as smart TVs, webcams and baby monitors are full of security vulnerabilities.

While none of the home IoT suppliers have been sued for a cyber break-in, it is only a matter of time. The potential for obtaining personal information from one of these vendors may not be that far behind, especially given how lax many are with cybersecurity.

Making matters worse is that there is a sizable gap between the real and imagined popularity of connected home devices, described in detail in the “Internet of Things and the Smart Home” report.

Securing Smart Buildings

Mashable is just one source that published a series of suggestions that potential home IoT vendors should consider. Some recommendations include:

  • Have clear statements about privacy policies that are easily accessible from your website’s home page.
  • Implement a process to regularly update firmware with the latest security patches and improvements.
  • Require customers to change default passwords upon installation and enforce stronger password policies.
  • Choose default settings that offer more data privacy protection.
  • Have as few open IP ports as necessary.

Obviously IoT isn’t going away, and its lure for more home-related devices is certainly strong. But the right level of information security should be baked into a vendor’s business model — and its products, too.

To learn more watch the on-demand webinar: Securing the Internet of Things

 |  |  |  | 
David Strom
Security Evangelist

More from Data Protection
January 27, 2025

How secure are green data centers? Consider these 5 trends

4 min read - As organizations increasingly measure environmental impact towards their sustainability goals, many are focusing on their data centers.KPMG found that the majority of the top 100 companies measure and report on their sustainability efforts. Because data centers consume a large amount of energy, Gartner predicts that by 2027, three in four organizations will have implemented a data center sustainability program, which often includes implementing a green data center.“Responsibilities for sustainability are increasingly being passed down from CIOs to infrastructure and operations…

January 21, 2025

Why maintaining data cleanliness is essential to cybersecurity

3 min read - Data, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels.However, like any other piece of company equipment, data can degrade over time and become less valuable if organizations aren’t careful. What’s even more dangerous is that neglecting data hygiene can expose organizations to a number of security…

January 3, 2025

Router reality check: 86% of default passwords have never been changed

4 min read - Misconfigurations remain a popular compromise point — and routers are leading the way.According to recent survey data, 86% of respondents have never changed their router admin password, and 52% have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing emails and stealing staff data when supposedly secure devices can be accessed using "admin" and "password" as credentials?It's time for a router reality check.Rising router risksRouters…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature