Tuesday, 16 September 2014

IoT putting security in the balance

My wife and I have recently taken to Fitbit, where we monitor our steps, calories burnt and now our weight.

If I were playing "buzzword bingo", I'd say we have taken the "quantified self" analysis seriously, as it brings "gamification" to the monitoring.  Some would say that "gamification" would mean you'd take it less seriously, not more... and I'd say those people are not or have never been gamers!

We  purchased the Fitbit Aria bathroom scales to measure weight and body fat, with ability to give an accurate BMW reading, if your height is stored correctly.


I realised that the IoT (Internet of Things) had entered our home, as I was connecting the scales to the home wireless network, and telling my wife to expect an email from the bathroom scales!  The scales work by taking your weight, then connecting to the wireless network you configured it for, then it will upload that information to a website hosting your Fitbit portal, allowing that information to be displayed by a dashboard.

Although I'm pretty aware of security, it made me realise that I need to firewall the scales to only be able to communicate with the Fitbit website. It also made me realise how unprepared we are, whether domestically or commercially, for the Internet of Things.  As the devices are more autonomous, where it decides when and what it will do, you realise traditional solutions don't work. I'd want the firewall solution to be aware of the device and restrict what it can do. So the scales will only take weight, and only sent weight information to my Fitbit profile, and if it were to do anything else, the firewall would stop it.

I have a more detailed IoT blog post planned, but in the mean time consider what your new toy can do on its own!

No comments:

Post a comment