Keeping Alexa out of the boardroom (and the bedroom office): IoT security tips for remote employees


I can’t help myself. I find myself liking Alexa. She/he/it isn’t exactly a friend, but I can play music and find out the weather and do all sorts of things. I tell myself that Alexa is useful for work too: for research, interesting product design features for identity services and more. 

Voice-enabled services are playing a greater part in our lives, especially now that many of us work from home during the COVID-19 pandemic. But when we make those work calls or do Zoom conferences, can we depend on Alexa to be respectful of our privacy?

As workers across the globe move to remote working because of the pandemic, Alexa is our home office stalwart, beside us through our stay-at-home vigil. And as the pandemic eases, we may find that we continue to work from home more often. Remote working is a model of choice for many; a poll on attitudes towards remote working found 99% of us want to work remotely at least part-time. 

However, Alexa and similar digital assistants have been under scrutiny by the privacy and security community, and many security and privacy concerns are being aired about Amazon Alexa. Is Alexa safe to use in a home office? Should we view a seemingly innocent digital assistant as dangerous?

In this article, I look at the “Alexa is bad” claim and ask this question: should organizations be concerned about protecting sensitive information under Alexa’s watchful eye? What are the concerns around security and privacy, and should we just switch Alexa off while working from home?

Potential IoT security concerns

Amazon sold 146.9 million Alexas in 2019. Many of them are now sitting next to remote workers as they carry out their business, go on conference calls, talk to colleagues by phone, send out (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Susan Morrow. Read the original post at: