Much like Amazon Prime Day, digital assistant and IoT device security is an epic deal

Much like Amazon Prime Day, digital assistant and IoT device security is an epic deal


Mon, 07/15/2019 – 10:48

Amazon Prime Day – which is actually “a two-day parade of epic deals” – is just around the corner. And more than half of Americans – and nearly 60% of U.K. residents – are planning on or considering buying a digital assistant during this global online shopping event July 15 and 16.

Last year, nCipher research indicated that fewer than half of U.K. residents who did not yet own a digital assistant planned to get one on Amazon Prime Day. So, interest in digital assistants is clearly on the rise. But security concerns related to digital assistants could prevent some shoppers – who are increasingly paying attention to cybersecurity and moving to secure themselves, their applications and devices – from taking advantage of Amazon Prime Day deals.

Most shoppers express concern about cybersecurity related to digital assistants

As nCipher research shows, more than half (59%) of Americans have privacy concerns regarding the use of digital assistants. More than half (51%) fear their digital assistant is listening to them at all times, and close to half (45%) believe their information is being shared.

Much like Amazon Prime Day, digital assistant and IoT device security is an epic deal

More than a third (40%) worry that their personal bank or credit card information may be compromised. And close to a third (28%) think digital assistants will inform hackers of their whereabouts. Only about a fifth (22%) of Americans do not have any privacy concerns with digital assistants.

A third of Americans don’t use a digital assistant. Of that group, more than half (55%) said they won’t use a digital assistant, and more than a quarter of that group (28%) said they are worried about security related to a digital assistant.

Many Americans who do use digital assistants believe the technology is eavesdropping on them. More than a third (35%) think that their digital assistant listens and records them at all times.

They are spending more on connected devices but some fail to secure them

Despite such concerns, IDC forecasts that IoT spending will reach $745 billion this year, with the consumer sector among those leading the way. And nCipher’s own research indicates that digital assistant users aren’t always vigilant when it comes to their use of digital assistants.
More than a third (37%) of American consumers leave the default settings in place when setting up their digital assistants. (The share of the U.K. survey group that does so is even higher, at 41%.) Nearly a quarter (24%) of Americans leave their assistant in listening mode at all times, and nearly a fifth (19%) of Americans leave the default password in place.

Lack of security can open consumers and their employers to threats

Last year just 9% of the nCipher U.K. survey group said they were aware of digital assistants being used at work. That has increased significantly in the year since. Today nearly a quarter (23%) of U.K. survey participants said digital assistants are used in their workplace. Meanwhile, 26% of Americans said they are using digital assistants in the workplace today.

The stage is set for an even greater share of people to use digital assistants for work purposes. The majority of U.K. survey participants who said digital assistants are used in their workplace were between the ages of 18 and 34. And real estate firm JLL recently partnered with Google to create a conversational AI assistant specifically designed for office workers.

Cybersecurity uncertainty continues, but more people are paying attention, taking action

Nearly a quarter of Americans are unsure about whether their digital assistant receives security updates automatically. Results for the U.K. survey group were nearly identical.
But most people from both the U.S. and U.K. groups in the nCipher survey, which included a total of more than 2,000 respondents, indicated that they actively take steps to secure their digital assistants and want assurance that connected devices come with security features.

Of the American group:

  • 81% said they create a stronger password when setting up their digital assistant
  • 63% said they apply advanced security settings when setting up their digital assistant
  • 60% said they are more likely to buy connected devices if the security features are labeled better

The same share of the U.K. survey group said they would be more likely to a buy a connected device if the basic features were labeled better. There’s good news here, because the U.K. is gearing up to require IoT device makers to tell consumers how secure their products are.

Another positive development is that the share of U.K. residents who leave their device default settings in place dropped from 57% last year to 41% this year. That may be a result of the increase in data breaches, heightened consumer awareness in light of the European Union’s new GDPR regulation, and Amazon being the subject of an inquiry due to privacy concerns related to Alexa, Amazon’s personal assistant.

Basic best practices

While I’ve shared tips on digital assistant personal security hygiene before, they’re worth repeating – especially now that these devices are becoming more common in the workplace:

  • Above all, take the time to really understand how these devices work, and the type of data they’re recording and saving
  • Get your desired level of security and privacy by personalizing your device security settings, and employing other security measures to complement them as necessary
  • Digital assistants should only be used in an environment where you are comfortable with the fact that they are listening to every single word that is said

Interested in learning more? Check out nCipher’s dedicated IoT security page. You can also follow the company on Twitter, LinkedIn, and Facebook, or find me @johnrgrimm.

Blog featured image
Much like Amazon Prime Day, digital assistant and IoT device security is an epic deal

Blog Authored date

*** This is a Security Bloggers Network syndicated blog from Drupal blog posts authored by john-grimm. Read the original post at: