REIsearch NEWS


Pepper IoT: Smart devices aren’t so bright when it comes to security

According to Venture Beatsmart devices aren’t very intelligent when it comes to protecting user privacy and handling security, according to a report by Internet of Things platform and service provider Pepper IoT and cybersecurity firm Dark Cubed. The State of IoT Security Report reveals systemic security and privacy problems, which were discovered through testing of consumer smart home devices that are readily available from major retailers like Walmart. The report is available for download at Pepper’s landing page. Key findings of the report:

  • Device security is important, but the platform is much more critical: Connected devices require a sophisticated networked platform to manage communications, protect data, identify and patch vulnerabilities, and deliver a quality experience. Many (potentially most) consumer-connected devices available in U.S. retail today are managed by offshore platforms that have no motivation to protect user data or ensure high security standards.
  • Patching will not fix systemic problems: Devices that are insecure from the moment  they were installed have the potential to do immediate damage. These devices must be secure from day one to ensure protection of consumer data.
  • The market must make security a priority: Several of the devices reviewed were painfully insecure, showing that neither the manufacturer nor its platform provider addressed security. These devices leak sensitive consumer data and open direct lines of communication to servers in countries of concern.
The findings raise the awareness of the security and privacy epidemic that exists now in consumer IoT devices that are currently installed and in use in tens of millions of U.S. households. Several of the devices were “painfully insecure.” A few of the associated smartphone applications that control these devices were “terrifying in the extent to which they can access our personal data.”

Twitter Feed