AS HOME AUTOMATION ENTHUSIASTS RUSH to connect digital devices — a video doorbell, a wireless home security kit, a set of Wi-Fi lightbulbs — they are helping build a new ecosystem of convenience, safety and efficiency. That ecosystem is the Internet of Things (IoT), the burgeoning global network of connected “smart” devices. Within five years, the IoT may comprise more than 41 billion internet-connected objects.1
For consumers, these devices already have elevated household conveniences and services to futuristic heights. Think sensor-based home-monitoring and communications systems, energy-efficient automated appliances, always-on virtual assistants and self-driving automobiles.
Each device connected to a network, however, is also an endpoint that criminals can exploit. And research shows they are doing just that: One study found that, in 2019, the number of businesses that experienced a data breach caused by an unsecured IoT device had doubled since 2017 to 29%.2
But the problems are not just a function of cyber criminals and insecure devices. Many consumers don’t prioritize device security due to a lack of understanding of how risky an insecure device can truly be, and unwittingly open themselves to compromise.
For instance, smartphone users often grant broad access to their device’s location services, camera, microphone, contacts and calendar — without knowing whether these permissions are legitimate and how the data they generate will be secured. By providing this access, users may unintentionally open access to additional data on the device, including sensitive information like system credentials, credit card numbers and contact information for colleagues, clients, friends and family.