Most Americans Track Health Data on IoT Devices, Says Survey

The majority of Americans track their health data with IoT devices, according to a recent survey from nCipher Security. This breaks down into the following methods:

• 23 percent use smartphone apps
• 19 percent use a health care provider’s website
• 13 percent use connected scales
• 12 percent use wearables such as Fitbits
• 10 percent use an Apple Watch or similar device.

However, Americans are more concerned about their financial information being hacked over their health data, as stated by the nCipher survey.1 42 percent of the survey’s respondents said that they are most concerned about their financial information being hacked, while only 14 percent said their healthcare data was their greatest hacking concern. In the same vein, 46 percent of the group felt most vulnerable sharing their credit card or Social Security numbers over the phone, while only 16 percent felt most vulnerable while downloading health records or using an IoT medical device.

Despite this lack of concern when compared to financial information, the majority of the survey’s respondents said that they want medical devices to use encryption to prevent security vulnerabilities. Peter Galvin, Chief Strategy Officer at nCipher, wrote,

“Clearly, the stakes are high for connected device manufacturers and others that touch Americans’ healthcare data. That means these organizations must take care to protect those devices and that information. And they need to lead the way for consumers, who may not always understand what’s at risk until it’s too late.”

Fitness App PumpUp Has Security Vulnerabilities

About a year ago, security researcher Oliver Hough found a security vulnerability in PumpUp, a fitness and workout community app.2 The flaw would allow anyone to see user content including email addresses, birthdays, current location, workout and activity data, profile photos, and private messages. There was also health data exposed that users had submitted themselves, like their heights, weights, smoking habits, medications, and more. While this particular app had over six million users as of a year ago, similar apps like MyFitnessPal and Strava both exposed customer data, validating Galvin’s plea for health companies to improve their cybersecurity.

How To Secure Your IoT Devices

Being such a relatively new technology, IoT devices clearly have a long way to go when it comes to security. However, there are a number of actions you can take to protect your network, IoT devices and personally identifiable information.

Use A Secure Router

The easiest way to secure all of the devices on your home network is to get a secure router, meaning that it has built-in encryption and is password-protected.

Use a VPN

You can also use a VPN, or Virtual Private Network, to encrypt the web activity and IP addresses of your IoT devices. Some VPNs work directly with routers, covering all of the devices on its network. In addition, the best VPN is one that doesn’t log any traffic data, just the basic account information needed to uphold your account. Our top picks are ExpressVPN and NordVPN.

Create Strong Passwords

Although it can be rather annoying, make sure that for each IoT devices’ corresponding web account, you create a password that you haven’t used with any other account. Want to check if you password is up to snuff? See how secure your password is.

Enable Advanced Authentication

Finally, another relatively easy thing you can do to protect your IoT devices is to enable two or multi-factor authentication. What does that entail, exactly?

• Two-factor authentication: Once you enter in your username and password, your IoT device’s account will send a passcode to your mobile device. To complete the log-in process, you’ll need to enter this passcode as well.
• Multi-factor authentication: In lieu of entering credentials, you’ll use fingerprint or facial identification on your phone, biometrics that cannot be reproduced.

To keep your health data, as well as other sensitive forms of data, safe, follow the above practices. To learn more, read our full list of the best digital security practices.