Customer Data Security, Privacy, and the Internet of Things

January 6, 2020 • Published Categories Best Practices Tags ,

Guest post by Mark Pribish, Merchants Information Solutions, Inc.

Have you ever thought about how installing smart or connected devices such as a residential doorbell or security camera using a Wi-Fi connection can put your personal or business data at risk of being hacked?

According to a recent Risk Management Magazine article, “smart home” and Internet of Things (IoT) devices can “make every day or business tasks more convenient, they also diminish consumers’ privacy and introduce serious risks, for both users and device developers and manufacturers.”

Statista, a leading provider of market and consumer data, says there will be 75 billion connected devices worldwide by 2025. It is important to keep this statistic and the inherent risks of IoT in mind as you add new connected technologies to your home and business. For the purposes of this post, I’m going to be focusing on customer data security and privacy.

The Threat of Connectivity

When I think of connected devices I think of business sectors such as Utilities (programmable thermostats), Residential Security (residential doorbells with surveillance cameras and microphones), Smart and Self-Driving Automobiles (onboard computers, infotainment/entertainment systems and apps), and Healthcare (medical devices such as a pacemaker and mobile apps) to name a few.

In each instance, these connected business sectors and devices help save money, increase efficiencies, and improve our quality of life. However, their convenience comes at a price to customer data security and privacy.

The same business sectors and devices can also give hackers and insider threats the opportunity to steal personally identifiable information (PII) leading to any consumer becoming a victim of identity theft.

Think about it, if you can unlock the front door of your house remotely, so can a hacker. If you can start your car or unlock the door locks of your car remotely, a hacker can too.

And if any of your devices or service providers are connected to the cloud to collect, store and/or transfer information, hackers and insider threats can collect, store and/or transfer the same information.

Keeping Your Connected Business Safe

While consumers are excited to have a more connected lifestyle, consumers—including your customers—should also be concerned about the increased risk of identity theft and data breach events.

You can protect your business and customer data security in a number of ways, including:

  1. Changing default usernames and passwords
  2. Setting strong passwords
  3. Updating your security software regularly
  4. Checking the device for default privacy and security settings
  5. Disabling remote access to your IoT devices (where applicable)

Every IoT device comes with a built-in Web interface to configure the settings mentioned above. In addition to securing any new smart devices you may purchase, be sure to configure any existing IoT devices you already have. Proper configuration is mission critical, so if you are not sure how to complete these steps, be sure to reach out to an expert for assistance.


Mark Pribish has 29 years of insurance and risk experience including the identify theft and data breach risk management business sectors. As VP and ID Theft Practice Leader at Merchants Information Solutions, Inc., Mark has helped lead the product line development, marketing and sales for consumer identity theft and small business data breach solutions. Prior to joining Merchants, Mark held senior level positions at AIG and Aon. He has authored hundreds of articles and is frequently interviewed by local and national media as an ID theft and data breach risk management expert. He is a graduate of the University of Dayton.