The internet of things (IOT) is more popular now than ever before. The major technology companies are developing new systems that operate in IOT devices, which can make similar products like home speakers work similarly from the user’s perspective but function differently in regards to its operating system and what the company chooses to do with their encrypted data.
A recent study suggested that by 2025 41% more of the human popular will use IOT devices. This makes it particularly challenging for computer security. As most security programs are built for Windows or MacOS, Internet of things devices are introducing new platforms that cybersecurity will need to develop methods of scanning and prevention of viruses and other threat agents.
IOT users want privacy within programs on the application layer, third-party apps, and services like anti-virus scanning programs, virtual private networks (VPN) and cloud storage. Even though cloud storage services are cost-effective and reliable hardware and software solutions, customer’s stored data may not always be private throughout the life cycle of using the cloud services.
Most cloud storage providers use aggregation and data mining as a method of gathering intelligence on customers that will assist them in predicting the customer’s behaviour in order to develop strategies for selling them current and future products and services and predicting when they are most likely to make new purchases.
There are no laws to prevent cloud service companies from collecting customer stored data through aggregation or using it to discover patterns of behavior like data mining. Preventing the implementation of policies that restrict cloud service providers from using aggregation and data mining would increase consumer trust.
However, since companies are generating more revenue through aggregation and data mining, only a few companies (if any) would adopt and implement a computer security policy that restricts those procedures. This is apparent when consumers go out to purchase an IOT device.
Smart TVs, for example, have two different types: ones that sharing consumer information and others that do not. The same smart tv model can be purchased at a significantly lower price if they select technology that shares their data. Even though privacy is a significant issue, there are several guarantees vendors should provide in order to protect customer’s sensitive information.
An informative way to discover the types of guarantees is to observe how cloud storage services operate with internet of things which is a fast-growing area of technology that often uses the cloud for its devices. The Google Home Voice Controller records users voice commands, encrypts the audio files, and sends it to either a Google Data Center or servers at Google’s headquarters.
Google has not disclosed publicly how they determine which files go to the Data Center and the company servers. However, the company has released the Google Security Whitepaper that makes several guarantees for users of any of the company’s devices that connect to Google Cloud Platform: encryption for communication in transit or stored on cloud services, provide multi-layered authentication, integration options with different ISPs, dedicated staff with appropriate technical certifications, annual audits, vulnerability management and malware prevention.
The seven guarantees provided by Google should be offered by other tech companies that manage a cloud services platform. It identifies what the company is doing to promote security and how to mitigate potential threat agents. One guarantee that would be great to see is a commitment to transparency regarding customer privacy and computer security. Perhaps providing analytics for customers to verify their data is secure, and notify them on what to do if there is an active threat on the cloud services platform.