I bet I can guess your password
Let’s start with a really big number.
9 billion
Is that big enough for you? Well, that is the approximate number of data records lost or stolen since 2013 according to the breachlevelindex.
What is worse is that only 4% of these breaches were ‘secure’, meaning that the data was encrypted, and the stolen data was rendered useless.
This averages out to a staggering 58 data records lost or stolen every second in the last four years.
Things can only get better
In the words of the immortal D:Ream (remember them!) – “Things can only get better”.
Well, perhaps not if you are talking about the ‘Internet of Things’ (IoT). The Internet of Things is the popular name given to the network of physical devices that are embedded with equipment that enables them to connect to, and exchange data over the internet.
Given the above numbers and the fact that there have been quite a few high-profile data breaches in the last few years, you would be forgiven for thinking that, as consumers, we now protect our own personal data with same vim and vigour as a high-security bank vault. However, evidence suggests this is not the case.
Gartner forecasts that 8.4 billion connected things will be in use worldwide by the end of 2017, up 31% from 2016, and will reach 20.4 billion by 2020. Just think that is nearly three devices per person, for everyone on the planet!
You probably already have one of these devices, especially if you got one of those cheeky voice controlled home devices for Christmas like I did. “Alexa, rap to me” kept me amused for hours during the various re-runs of the Home Alone films.
You are part of the problem…
I don’t normally like to accuse my readers of being a problem, but the fact is, many of these new IoT devices are not as secure as we would like them to be and we don’t do enough to protect ourselves.
In 2017 The Telegraph reported that the most popular password used on devices is ‘123456’, followed closely by the much more secure ‘123456789’.
In addition to this, security experts have hacked a host of IoT devices from connected baby monitors to smart fridges.
IoT manufacturers are falling over themselves to get their products to market to capitalize on the booming demand for the latest ‘smart’ thing, however, this means that some of these devices are coming to market without enough consideration given to security, thus abdicating much of this responsibility to the end user – you!
You need to shop carefully when you rush out and get the latest IoT. There is a ‘Smart’ everything now – fridge, TV, door lock, teddy bear and even the Quirky Egg Minder, that connects your egg tray to the Internet so you can be pre-warned when you are about to be eggless. However, many IoT devices are not as secure as they should be. Whilst there is a responsibility on the device manufacturer to make their devices secure, you also have a responsibility to ensure you are buying a secure device and to follow all the instructions and guidelines on keeping it secure, such as changing default passwords, updating software etc.
If you are not already using a password manager, then 2018 is the year to get into it. All you have to do is remember one master password and let the password manager generate unique secure passwords for all your other accounts.
I cannot seem to go a whole article without mentioning GDPR, but it is worth stating that many of these devices collect personal data, so it is important that manufacturers consider this processing and collection and that end users are informed about what data they are exposing to these devices.
The future is bright
In the medium to long-term, devices will become much more secure by default, and over time manufacturers, regulators and ultimately consumers will work together to ensure data is being protected correctly. Until then, you better go and change your five-year-old Facebook password!
Find more information on data protection and the GDPR.