• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Purging Personal Data from Used IoT Devices  

February 28, 2017 By The Editor

IoT

You’re probably reading this blog post on a smart phone, iPad or some other IoT device. And if not, there’s a good chance you have at least one smart device in your pocket, on a nearby charger or in your bag. Over the past several years, connected devices have become a pivotal part of our everyday lives. In fact, IHS forecasts we’ll see 30.7 billion active IoT products by 2020 and 75.4 billion by 2025. But, given the fact these devices house your most sensitive personal and professional data, how can you protect your information when it comes time to get rid of them?

In his latest column on GeekWire, WatchGuard CTO Corey Nachreiner describes the ways various IoT products store user data and recommends key best practices for completely removing this information before getting rid of computers, gaming systems, connected cars and more.

Corey suggests three main strategies for protecting your personal data when selling, gifting or disposing of IoT devices:

  1. Make sure your data is securely wiped from the device. If you’re using a type of IoT device that has a hard drive or local storage, it probably has some data that you need to delete before reselling. However, you need to remember that with computers, not all deletes wipe equally. Do a little research to see if your device’s “factory reset” is a secure wipe or not. If it isn’t, you might have to find alternate means to really kill your data.
  2. Don’t forget the device’s settings. When we think of protecting our data, we normally worry about erasing the sensitive files we might have on a device. However, we can’t forget that many of the settings in an IoT device link to our private data, too. These devices are connected to our cloud and social network accounts, they have a memory of all the access points we’ve connected to, they know your email address, and much more. Make sure you also erase all the device’s settings and deactivate the device from any cloud accounts it might be linked to.
  3. Don’t forget the settings in the cloud, too. Learn from what one X-Force researcher discovered about his smart car. Even if you wipe all a device’s local settings, sometimes manufacturers might design features that allow cloud accounts to always have access to the device, unless the account itself gets deactivated and reset. If you can manage a device with a mobile app, be sure that you don’t still have access to the device after factory resetting it.

For more information on security best practices for IoT devices, read the complete article on GeekWire.

Share This:

Related

Filed Under: Editorial Articles Tagged With: exploit, Infosec news, Software vulnerabilities

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Successfully Prosecuting a Russian Hacker
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Cybersecurity’s Toll on Mental Health
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use