GoDubai
  
  
  
  
Citylife > Press Release
  Home Contact us Add to Favourites
Most Recent Postings
More Press Releses
Featured Sections

Event Finder
A daily roundup of exhibitions, promotions and other events in Dubai and the rest of the Emirates.
Submit an Event
Latest Dubai Press Releases >> Technology

 
  Share
United Arab Emirates -  January 20, 2021:    The paparazzi are known for often taking covert photographs of celebrities and selling them to tabloids or gossip magazines. In a similar vein, could the increasing number of smart, connected devices coming into our lives start acting like covert “data paparazzi”? And what can we do to avoid it? Find out here.
 
Today, our devices collect and forward information to all sorts of external parties: our home security alarm provider, our electricity supplier, our fitness watch vendor, our car manufacturer, and so on. Smart assistants listen to our voice commands and take that information to the internet to execute our orders.
But smart devices go beyond the obvious too – they can be anything from a connected toaster to a washing machine, sewing machine, or a toothbrush!
Data from one device may not be a problem, but combining data from several devices could create a pattern that may reveal unwanted information about a user or a business. And with more devices coming into homes, concerns around the way personal data is managed, controlled and used by devices and organizations are increasingly being raised.
 
Each new device may introduce a new security risk, if not properly managed through its life cycle. The security risks must be handled by all actors in the value chain, including the device owner, regardless if devices are used by consumers, industries, or smart cities.
 
So what will be important to think about to ensure that users benefit and get value from devices and their related services, but avoid adding security issues? Should we risk unintentionally becoming surrounded by data paparazzi with their viewfinder aimed at us?
In this blog post, we'll bring some light on to what these factors mean for the device owner and what can be done to confront it.
 
Smart devices and privacy: the big picture
Many of us already interact with at least 3 to 5 devices daily – a smartphone or even two, a smart watch, a tablet PC, a work laptop, and maybe a smart TV. One estimate is that by 2030, each of us will own 15 connected devices. Some devices, like a connected car or smart meter, are connected by default and typically managed by the company the user is a customer of. They typically rely on cellular connectivity. For many other devices, the users themselves select and provide the connectivity, often Wi-Fi or cellular, and are personally responsible for the management of the devices.
 
Above all, the network infrastructure and devices need to be secure. It's important for us all that we can trust how our devices operate and handle data. It will also be important to ensure device security through the life cycle of the devices. With the fast growth and wide of range of smart and connected devices from different brands – that come with different user interfaces and functions – it might be cumbersome to keep all devices up to date in terms of firmware and security status, for example, from the day the device is purchased until its recycled. However, this is a key requirement for enabling a secure and trustworthy IoT environment.
 
GDPR and similar efforts have raised more attention to privacy from the general public. As people become more informed and want to know how their devices and information are used and managed, there will be an increased need for tools that enable identifying, verifying, and controlling the data the devices are collecting and sharing.
 
The data paparazzi problem
Let's now go into some issues that celebrities have to deal with, regarding paparazzi and stalkers, and how similar situations can also occur in the IoT world. We'll also reveal if similar mitigation strategies can work for both regular, and data paparazzi.
 
Information availability
While the saying goes that “all publicity is good publicity”, many celebrities wouldn't agree. They want to be in control of the information shared about them, to build a relevant public image but avoid revealing private relations, unattractive personal habits, or similar.
 
The same thinking is behind IoT security; information that's needed to complete the intended tasks of an IoT device should be made available, while the rest of the information should be kept private. However, for IoT there's often a more fine-grained approach as the information made available should in many cases only be made available to a restricted group of observers on a need-to-know basis.
 
The stalker problem
Many celebrities might also have to deal with stalkers – individuals who are overly interested in them and may try to gain as much information about them as possible, even using illegal means.
 
In the IoT space, the same phenomenon could happen to the average Joe. A smart home that doesn't restrict access to the information it generates, can easily become a lucrative target for an attacker; the information generated by the home can be used to gather different information about the inhabitants, which could later be leveraged to commit a cyber attack. Information about when various appliances are used, such as when doors are opened, lights are switched on/off, energy consumption fluctuates, can be a real treasure trove. This also means that potential attackers might not skip a house just because there's some security applied, rather the security needs to be good enough that it deters attackers from trying, or stops them in their tracks.
 
Mitigation strategies
Celebrities tend to take precautions to hinder paparazzi and stalkers from invading their privacy. This can be in the form of living in gated communities, or at least having access control to their property, through walls and gates for example. They might also apply surveillance measures such as motion sensors and surveillance cameras, and even security measures such as guards or guard dogs. When moving about in public, they might have a security guard with them to keep interested parties at least at arm's length.
The same things need to be considered in the IoT world. For example, in smart homes, access to the internal network and the data generated and stored there should be controlled and protected, monitoring should be applied to pick up on suspicious behavior, and reactive security measures, such as blocking and logging, should be taken when a breach is detected.
 
What has been normal for celebrities should now also become the standard for anyone in an IoT environment. When it comes to privacy, active measures should be taken to maintain it. While this might sound scary – and without proper actions it would be – it's not something that's difficult to achieve. Rather it's about having the right mindset and recognizing that security needs to be built in and considered more and more in the connected world, even for private citizens.
 
What to protect?
IoT is very much about the data generated and consumed by IoT devices. At first, this data may be seen as producing no risk, but even simple data in a certain context may be sensitive. For example:
• Power consumption data recorded by a smart meter can provide a lot of information about what's happening in a home. For example, based on the power consumption profile of TVs, switching on the TV will be visible from the data and if it's possible to match the time the TV is turned on with the TV guide, that will provide a good indication as to what people at home are watching.
• Any competent smart lock manufacturer will make sure that the communication with the lock is encrypted and its integrity protected. However, this might not be enough; by observing the traffic generated by a smart lock, one could potentially deduce whether the lock has been opened from the inside or the outside and thereby predict if there's anyone in the house at any given moment. Other data generated by a smart home, including power consumption and light switch data, can be used to improve the prediction.
• It's inevitable that, at some point, an electric device will reach the end of its lifetime and will need to be disposed of. If the information stored on the device isn't properly removed, a hacker who retrieves the device from a waste bin or who purchases it from a second hand store could dig out data or credentials, as well as information about the services the device has been connected to. This is information that could be used to spy on the owner in a more efficient way, or even control or modify other devices belonging to the owner from the backend.
The question therefore shouldn't be, “what do I need to protect?”, rather, “what don't I need to protect?”, meaning “what do I actually need to share?”.
How to avoid unauthorized use of private data
There's no silver bullet solution to this problem and the complexity is proportional to the number of devices and services that we as individuals interact with. Applying the best security practices is the responsibility of many entities. Device manufacturers and service providers need to provide secure devices/services, with proper control and maintenance for future proof device security.
But there are some rules of thumb that each of us can follow to minimize security and privacy issues related to our devices. By following these recommendations, one can build a system that will withstand a great deal of malicious intent, and deter the vast majority of attackers and opportunists. A few highly skilled and well-connected groups or individuals might be able to get past even the most secure systems, often through social engineering and phishing, that is, human weakness, rather than by technical security exploits. However, with the effort required, “average Joe” is maybe not the typical target.
End-user responsibilities include selecting suitable and secure solutions, and installing and configuring them in a secure way. Well-designed products should make this a relatively easy task, but it can also be done with the help of professionals. Furthermore, there are initiatives such as the Finnish Cybersecurity Label providing security labels for IoT devices, which aim to help consumers select products for which security has been verified.
Another important thing is to remember to update the software of the device.
And based on statistics regarding how a system's security most often fails, a crucial task for the end user is to remember to change the default password of all and any devices that are installed.
What can I do as a device owner?
• Check whether the device manufacturer/service provider offers firmware/software upgrades in case of security issues.
• Consider what data is generated and how it's used and stored, for example, locally and/or in the cloud.
• Check user terms and conditions to find out how data is used.
• Remember to change the default device password.
• Remember to keep device software up to date.
• Remember to wipe the device before recycling.
And remember to consider the trustworthiness of a device and its services before purchase!



Posted by : GoDubai Editorial Team
Viewed 5953 times
Posted on : Wednesday, January 20, 2021  
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of GoDubai.com.
Previous Story : How Small Travel & Tourism Business can Overcome COVID-19 Pandemic
Next Story : Samsung Introduces a One-Stop Shop that Curates Every Step of Your Cooking Journey
Email this article Print this article

Share this article with your friends and followers
NewsVine

Comments

Back to Top  
Most Viewed Press Release posted in the last 7 days
Lockdown Showdown: Jaguar I-pace Etrophy Series to Get Back on Track in Berlin i...
Three Eggs get Yemeni National a Guinness World Records Title
Omega's Antimagnetic Tourbillon Is a Watchmaking Breakthrough
Lamborghini SCV12: Squadra Corse Hypercar Ready to Hit the Track
The new BMW M5 and BMW M5 Competition
Toric Tourbillon Slate
GROHE Smart Control Review
Twitter tests Tweeting with Voice
Saxo Bank Launches Loyalty Program for MENA Region Clients
Hyundai Motor and Sony Pictures Entertainment Announce Unique and Pioneering Mul...
American Aesthetic Medical Center Has Something in Store for the Esthetical Figu...
WTTC Launches Safe Travels Protocols for Attractions, Car Hire and Short-Term Rental
NUDESTIX Launches - Nudies Blush, Bronze, and Glow Shade Extension
Volvo Cars Chengdu Car Plant Powered by 100 Per Cent Renewable Electricity
Range Rover Marks 50 Years of All-terrain Innovation and Luxury With Exclusive N...
Under-12 and Over-60 Can Now Take Part in Sports Activities: Dubai Sports Council
Dabur Ensures Safety with Hand Sanitizers and Personal Protection Kits as UAE Es...
Let's Brigthen Up! The Face Shop's Ultimate Summer Skincare Range From Belif is Here!
Handy Helper for Content Creators: The Compact A6100 Mirrorless Camera from Sony...
Pre-orders for Samsung's Galaxy S20+ 5G and Galaxy Buds+ BTS Edition now open in...
Experts Highlight need for Young Talent to Develop Skills for a Post-Covid-19 World
Dabur Launches Pure Organic Coconut Oil: Natural Protection for Hair, Skin, and ...
GEMS Wellington Academy – Al Khail Improves Rating to 'Very Good' in KHDA DSIB 2...
Etihad Airways to Recommence Flights to Athens
Dubai Sees Pronounced Uptick in Demand for Retail Units
Book Building of Amlak International's IPO of 30% of Shares
Sanctuary for the Senses: All-New Lincoln Corsair Arrives with Whisper-Quiet, Co...
Essence Spring/Summer 2020 Collection
Registration Opens for Training On the Camel Trek and Camel Marathon for Expats
Covid-19 Leads UAE Businesses to Adopt Upgraded Green Building Solutions
Dubai Sports Council Discuss Upcoming Sports Events With Federations and Organisers
Dubai Sports Council to Celebrate Dubai's COVID-19 Heroes Through Commemorative ...
Turkish Airlines Was the Busiest Operator in the Eurocontrol Area After Restarti...
Celebrate Father's Day With Parmigiani Fleurier Tondagraph Slate'
INFINITI of Arabian Automobiles presents Dubai Islamic Bank customers Super Sale...
Crude Oil Headwinds on Virus and Technicals
Customers can Benefit from Increasing Gold Rate by just Paying 10% Advance at Ma...
Canadian University Dubai Receives Prestigious Certification in Education for Pu...
Report Reveals the Six Fintech Innovations That Will Boost the ‘Financial Health...
Serco Middle East Appoints New Managing Director for Dubai Metro and Dubai Tram
Big Bang Integral King Gold
Pan Emirates Unveils Exclusive New Collection
Digital Vision Technology Signals On-Track Success for Panasonic Jaguar Racing
Schneider Electric Extends Strategic Partnerships with AVEVA, Lenovo and Stratus...
Celebrate World Music Day with HONOR Magic Earbuds
The 11th Edition of the Arab Fashion Week to Launch Virtually Today, from June 2...
New Bentayga to Launch Beyond100
Cairo Amman Bank Adopts the Latest Technology to Enhance Performance and Securit...
Celebrate Summer Safely with the New, Shopping Normal at BurJuman
Registration open for Dubai Watersports Summer Week