Are you giving gifts that give away data?

By Dale Meredith

When it comes to buying gifts for friends and family, the newest tech gadget could be the gift that keeps on giving—but not always in a good way. Pluralsight author and security expert Dale Meredith discusses the hidden pitfalls of the Internet of Things, and the questions you should be asking yourself when brands request your personal information.

[Transcript below]

I know this is the time of the season where we want to give gifts that hopefully will mean something to someone. My only concern is what it is we possibly could be exposing ourselves to.

There are so many gifts and ideas that we can give as gifts this year that require us to create user accounts and passwords, whether it's a smartwatch or a new phone, or even a new robot that we buy for the kids. We have doorbells that are smart, we have cameras that are smart, we have tools that are smart, coffeemakers that are smart, we have a Harry Potter coding kit that, all these devices have in common is they require us to create a user account and password. And this actually ends up leading us to that old problem of password recycling, as well as another problem. I'll talk to you about that one in just a second.

What I mean by password recycling is the concept of, us as humans, getting tired of coming up with new passwords and new user accounts to create for these devices, and trying to track those is a nightmare.

So, what we end up doing is reusing the same password that maybe, oh, we use for our online accounts with Amazon or Netflix, or eBay, or heaven forbid, our banks. Do yourself a favor this year and buy yourself as well as your loved ones a password management solution, like LastPass, or Dashlane, there's hundreds of them out there. (Well, not maybe hundreds, but there are several out there that you can choose from.)

Now, the reason why we like these is because, one, I'll be honest with you, I have no idea what my password is to Facebook, or to Twitter. I just click and it fills it in for me, and I can change my password at any time.

You know, and the second issue I have with these devices and us purchasing them without really doing some research on them, is the aspect of we are creating an account with a password and sharing personal data, a lot of them require it, and we are relying on that manufacturer to take our security as the number one issue for their product. Typically it's not, typically it's about selling the product, right?

Does a company that, I don't know, creates a baby monitor, that I've opened up an account with and given them my information, maybe my kid's information, do they really take my security as their number one priority, or is it about selling a product? So you need to look at the manufacturer, there are some fantastic companies out there that really do take this to heart.

My whole goal here is just to make sure we understand what is the technology we're buying, and what is its function? A lot of parents buy things like game consoles and they have no idea that the game console itself has internet access, and that their kids may be chatting with individuals or folks out on the internet, and they have no idea who they're chatting with.

So again, do your research, both for yourself and for your organization, and your Christmas will be a little brighter.

About the author

Dale Meredith is a high-demand contract Microsoft Certified Trainer and project consultant. Along with his 17 years of experience as an MCT, Dale also has an additional 7 years of senior IT Management experience. Dale worked as a CTO for a popular ISP provider and a Senior Manager for a national hardware supplier. His technology specialties include Active Directory, Exchange, Server, IIS, PowerShell, SharePoint, System Center/Desktop Deployment, and Private Cloud. Dale's wide network of IT contacts stay connected through his popular blog site at