Data Security and the Smart Home
Are your customers concerned about the security of their smart home? High-profile events such as the recent WannaCry Ransomware attacks get people thinking about the safety of their personal data. Those who live in smart homes – or are considering buying smart products — may be worried about the potential security threat.
Their concerns are valid. Smart devices are typically part of the home WiFi network, utilize cloud software and connect to your customer’s phone. While cyber criminals are not likely to be interested in your customer’s temperature control data, if they can use that data pathway to access financial or other sensitive data, they will.
According to a 2016 report by Accenture, 47% of consumers cite security and privacy concerns as a reason they would not buy smart devices. Given that the global cost of cybercrime was over $450 billion in 2016, it’s in everyone’s best interest to work toward more secure devices and processes.
Fortunately, people in a position to actively protect your customer’s data are also thinking about security. Businesses are always striving to enhance their security, of course, but legislation helps to ensure that their efforts continue. The European Union (EU) seems to think so.
The EU established Data Protection Act (DPA) in the 1990s, but that legislation was drafted in a time when only large corporations had the resources to process or transport personal data. To deal with the increase in data use, they are replacing the DPA with the General Data Protection Regulation (GDPR).
The GDPR has been approved and is scheduled to take effect in May of 2018.
What is important about the GDPR is that there are serious consequences for data processors responsible for a breach. The fines can be as high as 5% of global revenue or €100, whichever is higher. Any company that touches personal data has a responsibility to protect it under this law.
The fines are scaled based on the type of breach and how the company handles it. So a company with the appropriate measures in place would receive a lesser fine for a breach.
This is great news for the smart home, and not just the EU smart homes. This law will affect any company that touches EU data, so it is going to impact everyone. Any organization that offers online services will need to be compliant, as will any company wanting to do business with the EU market. Consumers in the rest of the world will benefit from improved security measures.
Improved security should generate greater levels of consumer confidence in terms of smart home features. And that’s good for anyone delivering smart home services.
But your customers should not depend on others to protect their data. Here are some things they can do to ensure their home data is protected:
Secure the home network: Use a router with a firewall and set up WiFi protected access (WPA2) encryption protocol. Change the pre-set user name that comes with the router.
Segregate devices: Your customer’s WiFi gateway may allow for different network identities. It’s a good idea to have the devices used to access banking and other sensitive information on a different network than smart home devices that may be vulnerable.
Use security software: Even if the network is secure, your customers should use security software to protect their laptops, tablets and smartphones.
Secure smartphones: Your customers use apps for their smart home and their banking. These devices need to be secure. The first line of defense is a good passcode and setting for the phone to lock after a few minutes of inactivity.