As more devices connect to the Internet, so too does the chance of each of them being compromised. ERNST WITTMANN, Regional Manager for Southern Africa at Alcatel, gives some tips on how to protect these devices and ultimately yourselves.
The Internet of Things (IoT) is rapidly taking off as people and businesses connect everything from their cars, to their home automation systems, and to the Internet. These devices are starting to change how we live and work – allowing us to track our heart rates and calories with a fitness tracker, monitor and improve our driving habits via a vehicle telematics device, and so much more.
Yet connecting a device to the Internet exposes it to a range of information security threats. We have already seen hackers create botnets using connected fridges, webcams, smart DVRs and other IoT devices and launch distributed denial-of-service (DDoS) attacks. And as we store more personal data – for example, health or payment information – on IoT devices, the risks of data theft and loss will multiply.
As we use the IoT for convenience, we must not treat privacy and security as an afterthought. The IoT devices could be the most vulnerable point in your home or office network. Here are five simple ways recommended by Alcatel, to improve the security of your information as you start to introduce more and more connected devices into your home or small business.
Don’t connect a device to the Internet unless there is a clear benefit for doing so
The most secure device is one that isn’t connected to the Internet in the first place. Ask yourself whether there’s really any benefit to connecting your fridge or your baby monitor to the Internet before you do it. And when you’re not using a device, consider disconnecting it from your network.
Create a separate guest network for IoT devices
Many Wi-Fi routers will allow you to set up multiple networks so that you can, for example, allow guests in your home or customers at your office to browse the Internet. Consider connecting your IoT devices to a separate Wi-Fi network to the one you use for your personal PC and mobile devices. This means that if someone gains access to the IoT device they won’t be able to use it to get to your other devices and information.
Use strong passwords for each device
You do use strong passwords to secure your PC and the many online services and applications you use, don’t you? Apply the same principle to any IoT devices you connect to the Internet. In addition to picking a strong password, it’s wise to pick different passwords for each device and different ones to the ones you use for email, online banking, social media and so on.
A hacker who gets a password and login name for one of your IoT devices will probably try it on other online services and devices. Using different details for each service and device means a hacker won’t have a skeleton key for all of your accounts and devices if he or she manages to break into your smoke detector or your media streaming device.
Bonus tip: Remember to change the password and login name for your router and all other devices when you first connect it to the Internet. Many people leave the default password and login in place – something like ‘admin’ – and make life easy for the criminals.
Stay updated with the latest firmware
When makers of IoT devices identify security vulnerabilities in their devices, they will usually release software updates to fix them. Installing the latest security patches for your devices’ firmware will help you reduce the chances of a successful attack. Check for updates every three months or so, or configure your devices to automatically download the latest patches.
Protect your smartphone, tablet and PC
It goes without saying that you should take all sensible steps to secure your PCs, tablets and smartphones since these are the devices you’ll usually use to log in to your router and your IoT gadgets. This includes ensuring you have up-to-date antimalware software, using strong passwords and so on.
You’ll often access your IoT devices, mobile banking, and many other services from a mobile app, so take good care of your smartphone. Secure access to the device behind a PIN or password when the screen is locked and set your phone up so you can remotely track its location and wipe your data if it gets lost or stolen.
Revealing the real cost of ‘free’ online services
A free service by Finnish cybersecurity provider F-Secure reveals the real cost of using “free” services by Google, Apple, Facebook, and Amazon, among others.
What do Google, Facebook, and Amazon have in common? Privacy and identity scandals. From Cambridge Analytica to Google’s vulnerability in Google+, the amount of personal data sitting on these platforms is enormous.
Cybersecurity provider F-Secure has released a free online tool that helps expose the true cost of using some of the web’s most popular free services. And that cost is the abundance of data that has been collected about users by Google, Apple, Facebook, Amazon Alexa, Twitter, and Snapchat. The good news is that you can take back your data “gold”.
F-Secure Data Discovery Portal sends users directly to the often hard-to-locate resources provided by each of these tech giants that allow users to review their data, securely and privately.
“What you do with the data collection is entirely between you and the service,” says Erka Koivunen, F-Secure Chief Information Security Officer. “We don’t see – and don’t want to see – your settings or your data. Our only goal is to help you find out how much of your information is out there.”
More than half of adult Facebook users, 54%, adjusted how they use the site in the wake of the scandal that revealed Cambridge Analytica had collected data without users’ permission.* But the biggest social network in the world continues to grow, reporting 2.3 billion monthly users at the end of 2018.**
“You often hear, ‘if you’re not paying, you’re the product.’ But your data is an asset to any company, whether you’re paying for a product or not,” says Koivunen. “Data enables tech companies to sell billions in ads and products, building some of the biggest businesses in the history of money.”
F-Secure is offering the tool as part of the company’s growing focus on identity protection that secures consumers before, during, and after data breaches. By spreading awareness of the potential costs of these “free” services, the Data Discovery Portal aims to make users aware that securing their data and identity is more important than ever.
A recent F-Secure survey found that 54% of internet users over 25 worry about someone hacking into their social media accounts.*** Data is only as secure as the networks of the companies that collect it, and the passwords and tactics used to protect our accounts. While the settings these sites offer are useful, they cannot eliminate the collection of data.
Koivunen says: “While consumers effectively volunteer this information, they should know the privacy and security implications of building accounts that hold more potential insight about our identities than we could possibly share with our family. All of that information could be available to a hacker through a breach or an account takeover.”
However, there is no silver bullet for users when it comes to permanently locking down security or hiding it from the services they choose to use.
“Default privacy settings are typically quite loose, whether you’re using a social network, apps, browsers or any service,” says Koivunen. “Review your settings now, if you haven’t already, and periodically afterwards. And no matter what you can do, nothing stops these companies from knowing what you’re doing when you’re logged into their services.”
***Source: F-Secure Identity Protection Consumer (B2C) Survey, May 2019, conducted in cooperation with survey partner Toluna, 9 countries (USA, UK, Germany, Switzerland, The Netherlands, Brazil, Finland, Sweden, and Japan), 400 respondents per country = 3600 respondents (+25years)
WhatsApp comes to KaiOS
By the end of September, WhatsApp will be pre-installed on all phones running the KaiOS operating system, which turns feature phones into smart phones. The announcement was made yesterday by KaiOS Technologies, maker of the KaiOS mobile operating system for smart feature phones, and Facebook. WhatsApp is also available for download in the KaiStore, on both 512MB and 256MB RAM devices.
“KaiOS has been a critical partner in helping us bring private messaging to smart feature phones around the world,” said Matt Idema, COO of WhatsApp. “Providing WhatsApp on KaiOS helps bridge the digital gap to connect friends and family in a simple, reliable and secure way.”
WhatsApp is a messaging tool used by more than 1.5 billion people worldwide who need a simple, reliable and secure way to communicate with friends and family. Users can use calling and messaging capabilities with end-to-end encryption that keeps correspondence private and secure.
WhatsApp was first launched on the KaiOS-powered JioPhone in India in September of 2018. Now, with the broad release, the app is expected to reach millions of new users across Africa, Europe, North America, Southeast Asia, and Latin America.
“We’re thrilled to bring WhatsApp to the KaiOS platform and extend such an important means of communication to a brand new demographic,” said Sebastien Codeville, CEO of KaiOS Technologies. “We strive to make the internet and digital services accessible for everyone and offering WhatsApp on affordable smart feature phones is a giant leap towards this goal. We can’t wait to see the next billion users connect in meaningful ways with their loved ones, communities, and others across the globe.”
KaiOS-powered smart feature phones are a new category of mobile devices that combine the affordability of a feature phone with the essential features of a smartphone. They meet a growing demand for affordable devices from people living across Africa – and other emerging markets – who are not currently online.
WhatsApp is now available for download from KaiStore, an app store specifically designed for KaiOS-powered devices and home to the world’s most popular apps, including the Google Assistant, YouTube, Facebook, Google Maps and Twitter. Apps in the KaiStore are customised to minimise data usage and maximise user experience for smart feature phone users.
KaiOS currently powers more than 100 million devices shipped worldwide, in over 100 countries. The platform enables a new category of devices that require limited memory, while still offering a rich user experience.
* For more details, visit: Meet The Devices That Are Powered by KaiOS
* Also read Arthur Goldstuck’s story, Smart feature phones spell KaiOS