Pepper IoT, the Internet of Things platform and service provider, and Dark Cubed, provider of cybersecurity solutions designed for small and midsized companies, have joined forces to raise awareness about security and privacy vulnerabilities plaguing household connected or “smart” devices. The partnership delivers solutions to IoT stakeholders who must ensure the protection of the consumers they serve.
The partnership initiative is the formal release of the State of IoT Security Report, which shines a light on systemic security and privacy issues that were discovered through testing consumer smart home devices readily available from major retailers across the USA.
For the report, Dark Cubed experts tested and analyzed the security and the data communications of a cross section of consumer IoT devices. Unlike other IoT security tests that attempt to hack the device, this test monitored and captured these devices operating as designed and developed by the vendors, and revealed several anomalies and unexplained communications.
The report includes the security posture of nine IoT devices and applications to help retailers make informed choices that protect their customers.
Key findings of the report reveal the importance of device security, but that the platform is much more critical. Connected devices require a sophisticated networked platform to manage communications, protect data, identify and patch vulnerabilities, and to deliver a quality experience. Many (potentially most) consumer-connected devices available in U.S. retail today are managed by offshore platforms that have no motivation to protect user data or ensure high security standards.
Devices that are insecure from the moment they were installed have the potential to do immediate damage. These devices must be secure from Day One to ensure protection of consumer data. Several of the devices reviewed were painfully insecure, showing that neither the manufacturer nor its platform provider addressed security. These devices leak sensitive consumer data and open direct lines of communication to servers in countries of concern.
“If we do not address the problem of insecure consumer IoT devices and the lack of respect for consumer privacy soon, it is going to be too late. Just because the space is complex and rapidly developing is not an excuse for retailers and regulators to turn a blind eye,” said Vince Crisler, CEO, Dark Cubed. “In fact, the opposite is true. Retailers must consider security as a part of their buying processes and government must consider regulations that focus on consumer protections. We are passionate about these issues and excited to work with Pepper IoT in leading change.”
“Just as retailers wouldn’t sell unsafe toys, tainted lettuce or products with toxic chemicals, they have a responsibility to sell safe and secure IoT devices to consumers. We are highly motivated to partner with Dark Cubed,” said Scott Ford, CEO at Pepper IoT. “Their report highlighted some of the key problems in the IoT market that we are solving. We are committed to working with major retailers and device manufacturers to leverage our trusted U.S.-based platform for secure and private consumer IoT management.”