Was your Nest password stolen? Apparently the smart home company is notifying users that their Nest password may be vulnerable after it detected that a password breach from another site was affecting users of its site. Since Nest is in the home security business now, this makes tremendous sense. I don’t want someone hacking my cameras, my alarm system, or my Nest door lock.
Smarthome vendor did the right thing says the Internet Society. Nest, the Google-owned manufacturer of home automation devices best known for its smart thermostat, has warned a customer of a password breach, urging him to change it and deploy two-factor authentication (2FA).
Because you have to use your Google credentials to set up and use Google Home and many Google Assistant functions, a significant amount of your personal information falls under the umbrella of just one company. "If you trust Google to take good care of your data in general, having it in one place versus all over the place is good," said Jeff Wilbur, director of the nonprofit Online Trust Alliance.
IoT device manufacturers face an array of challenges when thinking about securing their devices. On the heels of the RSA Conference, Threatpost’s Lindsey O’Donnell talks to Jeff Wilbur, director of the Online Trust Alliance, about the challenges that manufacturers face when securing IoT devices.
The consumerization of enterprise IoT: It turns out that in addition to the “enterprise grade” Internet of Things (IoT) devices they buy, corporate IT teams also have to deal with “consumer-grade” devices that may enter the company via a variety of channels, from non-IT company purchases to staff members bringing them in on their own.
To help stop breakins the Online Trust Alliance (OTA), an offshoot of the Internet Society set up by the fathers of the internet Vint Cerf and Bob Kahn, have released a checklist of what needs to be locked down on IoT devices to protect the network.
Here’s a handy list of tips that can help you avoid the most common mistakes that business IT pros make when bringing IoT devices onto enterprise networks. The Online Trust Alliance’s new list lays out 10 suggestions for using IoT tech in the enterprise without making the enterprise more vulnerable to security threats. The list centers on awareness and minimizing access to less-secure devices.
Casual IoT is infiltrating office buildings and businesses everywhere. Smart TVs, wearables, smart speakers, connected printers and even consumer-grade security cameras are now deployed in the enterprise. In the plus column, such devices are easy to set up and deploy. And in the negative column, they tend to be easy to hack.
A colleague just received an “Urgent Security Alert - Action Requested” email from Nest (see the image below). At first glance it looked like either a phishing attempt or one of the way-too-often breach notifications we all receive these days.
I used to love the old Space Invaders arcade game - waves of enemy attackers came in faster and faster while you tried to defend your base. With experience you could learn their tactics and get pretty adept at stopping them. For today’s enterprise IT staff, consumer-grade IoT devices must certainly feel like those space invaders of old.
In advance of Data Privacy & Protection Day, we just released the Cyber Incident & Breach Trends Report (press release here), a look back at the cyber incident trends in 2017 and what can be done to address them.
The past six months we have witnessed an un-paralleled level of questionable business practices resulting from data breaches. As trusted brands, Uber as well as Equifax and others, who have been entrusted with significant amounts of personal data have failed the American public. The breach missteps and follies only continue. Each time most within the security and privacy communities have rolled our eyes in disbelieve.