Internet of Things and Security

The Internet of Things (“IoT”) is the network of electronic devices that communicate with each other via the Internet without human intervention.  It has caused concerns regarding security since vast amounts of unsecure electronic devices are being used to send and receive information. Furthermore, the data breaches that lead to the loss of privacy have become more common as the Internet is used to connect electronic devices via private and public networks.

What is the proper security level for electronic devices?

Electronic devices that connect to each other over the Internet were created to transfer information, but were not originally designed with proper security features. What is the proper security level when electronic devices are interconnected? In order to avoid unauthorized access, security precautions should be implemented within the electronic devices and computer networks. For example, firewalls, encryptions, intrusion detection systems, and multi-factor authentications should be implemented as preventive and reactive measures. The electronic devices—which are accessed via the Internet—should be segmented into their own network and include network access restrictions.  Also, consumers should change the default passwords on smart devices and implement strong passwords.

A corporation’s servers must be properly updated and secured to prevent unauthorized access by third parties. A skilled hacker can connect to a network server and gain access to confidential information (e.g., trade secrets) in a short amount of time.  Information transferred wirelessly to and from printers, mobile phones, or other electronic devices is susceptible to unauthorized access. Also, hackers can implement an IoT Botnet, which comprises of a group of compromised electronic and Internet-connected devices that have been setup for illegal purposes.

Public Wi-Fi is a concern because it’s used regularly to connect multiple electronic devices to the Internet in public places (e.g., cafes, airports).  A person’s electronic device (e.g., smartphone, laptop) can store and remember the network login/password upon return to the public places and connect automatically. Although, information may be encrypted on electronic devices, cyber criminals are becoming more capable in decrypting information, or using the illegally-obtained information for fraudulent transactions (e.g., online banking fraud, credit card fraud).

What are the main concerns over local and national security?

The government can use this new technology in order to battle crime and enforce the law.  For example, Drones (a/k/a “Unmanned Aircraft Systems” or “Unmanned Aerial Vehicles”) have become an important concern for law enforcement.  They are accessible to the public and are being used to collect information and to view public or private spaces. Government owned and operated drones may be accessed by hackers by tapping into their systems without authorization.  Safety concerns, from the use of airspace, to the potential use of terrorism, are being faced by organizations which are trying to enhance security.  Law enforcement agencies use drones for the surveillance of individuals.  The ability to track individuals via electronic devices has been useful, but it remains controversial.  Also, security measures must be implemented in order to enforce local and national security when using drones and similar surveillance devices.

At our law firm, we assist clients with legal issues related to internet and technology laws. You may contact us to set up an initial consultation.