Whether you’re giving or receiving, you need to see this.
So-called smart speakers and activity trackers have become extremely accessible as this year’s holiday shopping season got off to a tremendous start between Black Friday, Shop Local Saturday, and Cyber Monday. Thanks to the crazy sales, Internet of Things, or IoT gifts like the Google Mini could be purchased for as little as $10, and activity trackers like Fitbit were offered for as little as $30. At that price, who could resist buying one for everyone on their Christmas list?
Who wouldn’t love to have a personal assistant like Alexa to answer simple questions, maintain your calendar, provide a weather report, or to run your smart home? What better way to encourage healthy activity and eating habits, than a Fitbit to count your steps AND your calories?
What else do these IoT gift gadgets know about you and where do they share that information?
Anything connected to the Internet is vulnerable to hackers. If you’re a creature of habit with your exercise regimen, hacking into your activity tracker could let a burglar learn your running schedule and know when your house is safe to rob. Similarly, hackers can get control of your Internet based home automation system to deactivate alarms and cameras to suit their illicit purposes.
The companies who market these IoT items also have access to more information than you think. In addition to storing the questions you ask and the items you view (all in the name of improving your on-line user experience), even when smart speaker devices are idle, they can hear you. You might have a random conversation about a stunning new Alfa Romeo model that you saw at the mall, and next thing you know, the next time you’re on-line, you get hit with ads for the local Alfa dealership.
Literally anything you say can be heard and stored by these devices and used in a variety of ways.
Whether you’re buying an IoT gift for a friend or loved one, or treating yourself to a new gadget, make sure you know how to be as secure and private as possible.
Security and Privacy Tips for your Device
- Mute it: Most smart speakers have a mute button. When the mute button is activated, you device won’t answer your questions, but it won’t record your private conversations either.
- Don’t connect sensitive accounts to your smart speaker device: That means anything to do with money or health information
- Erase old recordings and delete search history: Many devices including Amazon and Google provide web-based account management that allows you to delete recordings of the requests you make of your device as well as delete your search history. Do both regularly.
Tighten IoT Device Settings:
- For Google Home you can disable “personal results” from showing up.
- Turn off purchasing altogether or set a purchase password
- Pay attention to notification emails – make sure you’re not getting notified about something you didn’t purchase.
- Use a strong password and 2 Factor Authentication < https://en.wikipedia.org/wiki/Multi-factor_authentication > (2FA) whenever possible .
- Use a WPA2 < https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access > encrypted Wi-Fi network and not an open hotspot at home.
- Configure 2 separate Wi-Fi networks: One for guests and unsecure IoT devices, and another for computers, tablets and smartphones used for online banking, shopping and general Web activity
- Where available lock the voice assistant down to your personal voice pattern.
- Disable unused services.
- Don’t use the voice assistant to remember sensitive information such as passwords or credit card numbers.
The Federal Trade Commission offers more tips to secure your IoT devices.
It’s Simple Cyber Sense!
This may all sound quite technical and a bit confusing; it’s really common sense evolved into cyber sense. You wouldn’t go out and leave all your doors open, you wouldn’t go out of your way to broadcast when you’re not home, and you wouldn’t allow a perfect stranger into your home to look at your personal banking and medical information. With these tips and information, you can be sure that your IoT gifts won’t allow hackers to violate those same privacies.