Application developers may need to start being more careful with the way they handle consumers’ personal data, according to a recent survey from IT professional organization ISACA. The organization’s 2013 IT Risk/Reward Barometer found that an overwhelming majority of people worldwide have concerns about the way data is gathered and used in the growing sphere of connected devices that make up the Internet of Things, even as their personal privacy practices remain lax. Among Americans, just 1 percent said they would most trust mobile application makers as the institution they most trusted with personal data gathered by Internet of Things devices.
More than nine out of 10 respondents in the survey were concerned about the information collected by Internet-connected devices such as sensors and cameras that the term “Internet of Things” refers to. Although just 6 percent of respondents were familiar with the term Internet of Things, 62 percent reported using GPS systems, 28 percent said they used electronic toll devices in their cars and 20 percent claimed to use smart TVs. For consumers, the greatest concern is that someone will hack into connected devices and steal their personal data, with 31 percent expressing such a fear.
Other concerns about privacy abound as well, with half of respondents saying they felt they had no control over the way websites used their information, and 90 percent saying they were concerned their information would be stolen. Despite these concerns, the majority reuse the same two or three passwords across multiple sites, and 25 percent report not checking the privacy settings on their social media profiles in the last six months. Around eight out of 10 also said they do not always read privacy policies before downloading applications to their tablets or smartphones. Additionally, many are leery of the growing practices revolving around location-based marketing, with almost half saying they would find it invasive if a store sent them an offer via text message as they were walking past.
“People are starting to think through the implications of giving companies this type of information,” Robert Stroud, chair of the COBIT growth task force at ISACA, told IDG News Service.
The takeaway for developers
According to the survey, 99 percent of IT professionals believe the Internet of Things poses governance issues, but 42 percent say the benefits outweigh the risks. Three out of ten say their enterprises have already seen the benefits of greater access to information and 29 percent report improved services. To this group, the biggest concerns for consumers should be not knowing who has access to their information or how it will be used.
Given IT’s stance on the Internet of Things, it’s unlikely that the push toward connected devices will let up. However, the burden will fall on industry professionals to reassure consumers that they do not face the kind of security risks they perceive from such technology and making sure the terms regarding how such tools are used are clear. Actually making software security a priority in development will be a key to winning this battle of perceptions, and developers can use tools such as static analysis software to build more safeguards into their devices. ISACA proposed a framework for enterprises to be agile and seize the advantages of the Internet of Things while also including data governance as a priority.
“Internet-connected devices are already delivering powerful business and lifestyle benefits, but organizations using these need to proceed with transparency and with the consumer at the forefront of their decisions,” said Jeff Spivey, international vice president of ISACA. “The deep concerns about privacy and security uncovered by this year’s IT Risk/Reward Barometer show that enterprises need to establish and openly communicate policies around use of personal data to preserve trust in information.”
Software news brought to you by Klocwork Inc., dedicated to helping software developers create better code with every keystroke.