Understanding Data Privacy in the Connected World

understanding data privacy in the connected world

Twenty-four billion is approximately three times the number of the current world population. It’s also the number of Internet of Things (IoT) devices expected to be installed globally by 2020. There’s no denying that IoT comes with numerous benefits that will change the way we carry out everyday tasks. Connected cars and healthcare devices are just the beginning, as we will probably see advances like smart homes in the near future.

Exciting as all this might sound, the rise of connected devices also means more entry points for cyber criminals. Data privacy in an IoT-connected world should be top priority, and companies that use connected devices must build robust security from the onset. That said, we share the top IoT data privacy concerns you need to be aware of as well as what you can do to keep your data protected.

Too much data

IoT devices can collect a staggering amount of data. In fact, a Federal Trade Commision report predicted that fewer than 10,000 households can generate 150 million discrete data entry points every day. This treasure trove of data is a hacker’s dream come true.

The solution: identification

You need to secure multiple points of data vulnerability. To do that, you need to identify what devices are collecting data, the type of information they’re gathering, how they’re consolidating that data, and whether that data might be valuable to attackers.

Eavesdropping

Forget thieves picking the locks on your doors because hackers can use a connected device to virtually sneak into your office. A German security researcher proved this by intercepting unencrypted data from a smart meter device to determine what television show someone was watching at that moment.

The solution: data encryption

Data encryption translates your data into another code, allowing access to only people with decryption key. Better yet, format preserving encryption (FPE) enables you to derive value from the data while protecting it as it moves across your organization, rather than requiring information to be decrypted at every point in the process. This eliminates the need for you to allow excessive access to sensitive data, thus minimizing the risk of compromised data.

The problem: unclear privacy policy

You need to know that IoT devices can act like monitoring tools. An Electronic Frontier Foundation activist reported an issue with the Samsung Smart TV privacy policy concerning the fact that the device could monitor sensitive topics discussed by consumers. Samsung responded by editing its privacy policy. But most people don’t read privacy policies. And even if they did, most would be encoded in legal language that is difficult to understand. If a smart television can have such an impact on data privacy, other IoT devices could potentially do more damage.

The solution: industry self-regulation

Businesses can self-regulate by developing industry best practices on cybersecurity and data minimization. Companies that collect user data must take responsibility for protecting their users.

Each industry can create standards specific to the needs of sensitive data they collect. Layered privacy policies and creative common licenses could serve as useful models; these licenses feature three layers. The first is the legal code layer, which is the traditional legal layer that comes in the kind of language and text format that lawyers are familiar with. Second is the human-readable layer, which makes licenses available in a format that normal people can read. Last but not least is the machine-readable layer, which features format that software, search engines, and other kinds of technology can determine when work is available under a Creative Commons license.

Before adopting IoT, you need to address security and privacy concerns with both your technology provider and the devices manufacturers. Our team of cloud specialists can plan a roadmap that will ensure proper security to support your IoT devices. Any vulnerabilities can be identified early and resolved quickly. We can develop better privacy policies that address concerns with data privacy so you can operate with greater control. Just give us a call today and we’ll be happy to help.

Categories: Best practices, Internet of Things, Cloud security

Tags: business data, data privacy, data security, internet of things, IoT, IoT devices