The concept of IoT security is one that interests me. In part because it is such a huge (and expanding)field today. In part, because it is a green field, in that people aren’t always paying attention to security when they deploy IoT devices. Lastly, it is an area that I find interesting personally. An expanding reality now is that of medical IoT Devices.
These would represent devices designed to support, improve and ultimately help you directly with various health issues. The list includes blood pressure cuffs, blood sugar monitors, pacemakers and other health improvement devices. Each of these devices providing both a path to personal health improvement as well as monitoring of your health. In some cases, the device collects data and then provides that information to your doctor. In some cases, the device presents information to you, as the user.
That information though is the interesting problem. Information that exists and can be consumed by someone other than you or your doctor. How we secure, that information will become more and more critical. You cannot allow someone to have access to your health information that you don’t grant. It allows them access to more data about you than you would want to be shared. How health and medical companies secure that data will be, and is now a very interesting conversation. The easy things to do is to have pass phrases for your passwords. Instead of a complex password you may forget, use something you will remember. Security for these devices is the responsibility of the companies in question, but it is also your responsibility because it is your data!