Ben Pick, Senior Application Security Consultant at nVisium, a Falls Church, Virginia-based application security provider, notes that these practices demonstrate a good starting point for IoT security. “However, two of them will be difficult, if not impossible, to maintain. Keeping software securely updated and making it easy for consumers to delete their personal data defies the standard usage of such devices. Most companies have found it cheaper to build new devices rather than support robust software maintenance plans. Additionally, collected data tends to be sold to third parties, preventing their complete deletion,” says Pick. “Personally, I hope companies are forced to follow these practices and that the practices themselves become a springboard for more extensive security policies in the coming years.”

Read entire article here