Skip to content Skip to menu Skip to footer
Incident response

Consumers need to get smarter about their connected devices

Image related to Consumers need to get smarter about their connected devices

The consumer protection group Which? tested 12 smart devices across four categories – air fryers, smartwatches, smart speakers and smart TVs – for privacy and data protection. Not even one of the products tested received a privacy score above 50%.

Some devices are collecting excessive amounts of information, like postcodes, or are sharing the data with a number of third parties for marketing. Consumers are either unaware this is occurring or have unknowingly accepted such data collection as the cost of using these devices. 

CyXcel’s Chief Product Officer Megha Kumar spoke with journalist Martin Stanford this morning on LBC News about the risks of unsecured connected devices and what consumers can do to protect their data and privacy. 

Megha also provided her expertise to the Professional Security Magazine’s coverage for this story and to the Infosecurity Magazine’s article published today.

Risks from unsecured connected devices

Having control and visibility over our personal data is a human right under the UK GDPR and EU GDPR. If consumers are unaware what data is collected about them, how it is stored and which third parties it is shared with, they are potentially vulnerable to serious risks. 

These include :

  • surveillance (where a smart TV constantly knows our location, and the vendor share that data with third parties without our knowledge or consent);
  • invasion of privacy (if they are listening to private conversations); and
  • behavioural manipulation (if devices are tracking our personal preferences).


Another risk is cybersecurity. Recently some 1.3 million Android-based televisions become infected with a new strain of malware called “Vo1d” that embeds itself into storage media. Such malware can easily transfer via Wi-Fi to other connected devices that store sensitive personal data, such as our work-from-home laptop, or other sensitive devices when unsecured connected devices are used in a business/corporate setting.

 
Simple steps to stronger security

Consumers can better protect themselves by taking some basic precautions:

  1. Following the vendor’s instructions on data privacy and cybersecurity. If these are not provided, consumers would be well advised not to purchase that device or service.
  2. Setting strong passwords for all connected devices – the UK’s National Cyber Security Centre suggests creating passwords made of three random words and a number – and using multifactor authentication for added security.
  3. Updating the software of all connected devices regularly, or better still, opting for vendors whose devices update patches automatically.


As we bring more connected devices into our homes and businesses and the regulatory regime for these devices firms up, it is imperative that individual and corporate consumers make smarter cybersecurity and data protection choices about their devices.

We can help

CyXcel helps businesses and organisations across all major sectors secure their IoT devices. For more information, or to speak with one of our team about how we can help your business, contact us today.