Saying that the internet is ubiquitous is a bit of a cliché these days. It’s on all of our devices and it’s on all the time. It might be more accurate to say that we’re on all the time. (Think about it, when was the last time you disconnected deliberately to get a few moments of digital quiet time?) More and more we are seeing new devices and gadgets and things that can be connected online. From watches to fridges to toothbrushes to heart monitors to toys to cars to toasters to _________ (fill in the blank). The name “internet of things” is appropriate like few others: any thing can now be connected to the internet. Therein lies the rub.
A new twist to things we know and love.
Many of the things that are being connected to the internet are devices that have been around for a long time that now have new online capabilities. Examples are medical devices that allow doctors to monitor a patient’s status remotely, cars that let the manufacturer know how the engine is running, cameras that can be viewed from anywhere in the world, and many more. These are wonderful things when used for good (i.e. their primary purpose), BUT there are always going to be bad guys who figure out how to misuse things for their own personal gain.
Security and privacy go hand-in-hand.
For many people, security has become a maze: full of wrong turns and dead ends. How can you know which thing is secure and which isn’t? And what should you do when a thing isn’t safe? Sadly, some of the wrong turns are the result of incomplete advice or misleading headlines. It’s discouraging for users to hear the constant media refrain about the importance of connected security only to have to try to figure out much of it for themselves because the industry doesn’t seem to care enough to make it clear.
What about privacy? A key casualty of the instantaneous nature of the IoT has been privacy. The desire for immediacy and instant gratification (I want it now!) is a much faster reflex in most of us than any consideration of security or privacy. But is it really a good idea to broadcast every silly thing to the world now?
With the rush to innovate and bring new things to the market, it’s natural that manufacturers focus on the sexy features that attract the customers’ dollars HOWEVER given the online nature of these new products, it’s critical to “bake in” security up-front.
Introducing a new teddy bear on the market is one thing, but introducing a teddy bear that can be hacked to reveal what a child and the child’s family are doing at all hours of the day is something quite different. In addition to manufacturers having a great responsibility for security, consumers and users are going to have to educate themselves to be #cyberaware on all the devices and apps they choose to use.
National Cyber Security Awareness Month (October)
Awareness is a critical part of the learning process. Awareness is the ability to recognize the circumstances of a situation so that you know what to do. Awareness is like the deliberate practice that we’re familiar with in sports (muscle memory), cooking, self-defense and other areas of our lives. Awareness is that voice in the back of your head that raises a flag that something isn’t quite right. Awareness is being able to react reflexively when something’s wrong instead of having to think about it.
We were pleased to join a slew of security experts for another #ChatSTC hosted by the team at StopThinkConnect.org on the topic of Navigating Your Continuously Connected Life. Review the informative twitter chat with all the questions and answers from all the participants.
Sticky Password recommends including a password manager as part of your basic online safety kit. In addition to creating and remembering your passwords and passphrases for you, Sticky Password will fill in online forms for you.