Whether it is the camera that helps you keep an eye on your home while you are away or the temperature sensor which helps your heating system keep a cozy temperature, you are probably sending all that data through the cloud. This might be useful for remotely controlling & monitoring your devices, or just collecting data to an online analytics platform that can in-turn help you make the best out of your smart home but can also lead to your data getting stolen. A recent example of this is what happened to CloudPets. An internet-connected teddy bear that allowed kids and parents exchange voice messages had a major security vulnerability which allowed hackers to gain info about their users and even use the cute toy as a spy device. A major cause of security vulnerabilities is users not securing their devices by placing them behind a firewall or changing the default passwords that the device comes configured with. This is most common with IP cameras. There is even a whole website dedicated to providing quick and easy access to unsecure cams. Sadly this does not only apply to cameras. Smart homes, industrial control centers and other online devices are listed and easily accessed from a dedicated IoT search engine called Shodan.
Not all concerns stem from poor security though as just a few years ago, Samsung warned its customers not to discuss sensitive information in front of their Smart TV. Another example is a connected sex toy, that sends usage data to the manufacturer. Although clearly stated in their privacy policy, a lot of customers might not realise that by using the product they might be sharing very intimate details with third parties. As the IoT market grows, more aspects of our lives are broadcasted over the internet. Simple data like light switch usage or really detailed info about your movements tracked by GPS enabled devices could be stored somewhere insecure or even sold for profit to companies that are interested in analyzing that data for interesting patterns.
At the end of the day, it is up to the manufacturers to keep the data as secure as possible and to be transparent about what kind of info they are collecting from their users and what they are using it for.
When building the 1oT Terminal, security has been our top priority from day one. Every aspect of our service is wrapped in multiple, industry standard security layers that are combined to ensure a safe, encrypted connection both on the web and through the API. On top of that, we have built many security add-ons for our service users for extra care.
For example, you can limit access to specific IP addresses, making sure that no unauthorized people can access your data. We also implement two-factor authentication, making logging in simple and secure.
We are happy to provide you more information about our security features - just contact us at sales@1oT.com.
For more general overview of security in IoT, we suggest you to read our article: "Practical approach to security in IoT".