Get a Quote

IoT Privacy Guidelines

IoT Privacy Guidelines

IoT Privacy Guidelines

Today most of us have many IoT devices in our homes and offices. In case you don’t know, IoT is an acronym for Internet of Things. What is that? IoT are devices that connect to internet like your personal assistant (Echo (Alexa) or Google Home), smart thermostat (Nest), smart TVs, etc. These devices that were once a novelty are now commonplace and, in some instances, they have become a necessity for many of us. By 2025 an estimated 152,200 IoT devices will connect every minute, according to IDC data research.

Like with any service or device that connects to the internet and/or shares data, privacy considerations need to become a top priority to understand, manage and review periodically. These devices can make our lives more convenient in many ways, but if your personal information is shared or compromised by one of these devices, you’ll definitely rethink their use in your life.

Here are some guidelines to help you understand the privacy implications of a given IoT device and protect your privacy while using one of these devices.

IoT appliance connectivity


This is your first line of defense. If you don’t understand what the device does, or where or how you’d use it, then please don’t use it. While internet connected stoves and refrigerators may sound cool, do you even need them? Would owning of these devices actually improve your life? If not, you can probably pass.


While connected to the internet, an IoT device can typically be hacked within five minutes. A good IoT device vendor will continuously work to identify and fix bugs and security vulnerabilities in their devices. Once they have identified these vulnerabilities, they will produce firmware updates to address these vulnerabilities. Regularly and promptly updating your devices will help keep them protected from hackers looking to exploit your devices and their vulnerabilities.


IoT devices have numerous settings for managing your personal data, how that data is shared and what is shared. Take time to understand these settings to ensure that you are only sharing the information that you want to share and that you are sharing it with the right people. Setup your IoT devices correctly and your privacy settings allow you to confidently share the data you want with the people you want. Set them up incorrectly and you can divulge sensitive personal information with the world.


Palo Alto Networks reports that 98 percent of IoT traffic is not encrypted, exposing personal and confidential data on the network. This is really a no-brainer but again and again people either don’t change the default factory settings or use weak passwords on IoT devices (and everywhere else for that matter). Strong passwords and Multifactor authentication (MFA) can prevent hackers from accessing your IoT devices and from compromising your network. Weak passwords without MFA leave you vulnerable to hackers who will exploit your devices and your network.

Protect Your Privacy

IoT devices are an everyday part of our home and work lives. Following our tips will help keep your devices and your privacy safe from hackers. Wondering what IoT means for your company? Don’t worry. As of 2020, currently less than 40 percent of businesses are actively deploying IoT devices within their infrastructures today. Of course, that number is steadily on the rise. If you have questions about your company’s information security be sure to reach out to CMIT for help and assistance.

Written by: Chris Zambuto | Chief Information Security Officer @CMITBostonCambridge


We can help. Whatever your technology problem is, chances are, we've seen it before.