For more security in home networks

Prof. Dr. Sabine Pfeiffer, Chair of Sociology with a focus on Technology, Work, and Society at FAU.
Prof. Dr. Sabine Pfeiffer, Chair of Sociology with a focus on Technology, Work, and Society at FAU. (Photo: www.thomasriese.com)

FAU involved in an interdisciplinary research consortium that is taking a closer look

Who thinks about a light bulb or the digital thermostat in their hallway when it comes to cybersecurity? However, these unassuming devices may actually be a security risk. Over the last four years, researchers from five Bavarian universities have been researching why that is the case and how digital technologies can be used securely in our daily lives in the research consortium “ForDaySec”. Representing Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU), Prof. Dr Sabine Pfeiffer, Chair of Sociology focusing on Technology, Work and Society, explains why security risks often arise where people rarely expect them.

Prof. Pfeiffer, you were lead investigator in the sub-project “Daily digitalization”. What did you focus on?

We deliberately chose not to concentrate on the typical devices such as laptops or smartphones. Instead, we were much more interested in the numerous small, connected devices that are increasingly found in households and work settings and that are often overlooked. These include, for instance, intelligent thermostats, voice assistants or smart lighting systems.

At the same time, we wanted to question the widespread assumption that it is predominantly the users who are responsible for security problems. Our research showed that people are often under time pressure, are expected to complete many different tasks at once, and use technology in complex daily situations. We therefore investigated how digital technologies are actually used and which framework conditions have an impact on IT security.

You questioned employees in Germany on IT security in their daily living and working conditions, before analyzing the results in a paper. What conclusions did you come to?

The survey was only the final step in a research process that lasted several years. We also visited people at home and at work and took a close look at where there are problems, and where there are good solutions. It became apparent that many risks are not posed by spectacular cyber attacks, but rather from devices that people have long since forgotten. At the same time, it became clear that errors are often not the result of a lack of knowledge, but rather due to time pressure. For instance, no matter how well trained employees are, they may still miss a well-disguised spam email when working under pressure. And the technology behind many devices, for instance smart devices, is often untransparent.

Prof. Sabine Pfeiffer’s study on IT security in daily life at work and at home: IT security in daily life at work and at home

Which smart devices from our daily lives entail underestimated risks?

Devices that are scarcely even regarded as digital systems, such as smart light bulbs, tend to be particularly underestimated. After a while, many people forget that these devices are connected to their home WiFi network. If security updates are no longer provided or installed, these devices can become an entry point for hackers. The situation is similar with voice assistants such as Alexa. After possibly being set up by our children, they remain permanently in our living spaces, even though they are only rarely used – and yet they are still secretly listening in all the time, for instance during confidential conversations we may have while working from home.

How can people protect themselves or what precautions can they take to avoid becoming a victim of cyber attacks?

First of all, it is important to become aware which connected devices you actually have in your surroundings. Many risks are posed by technology we have long since forgotten about. At the same time, during the project we wanted to avoid assigning responsibility to the users alone. Regular updates are essential for security.

Our aim was to prepare scientific findings in an easily understandable format and to give specific guidelines for everyday life. The key finding remains: Cyber security is not merely a technological issue, it is a task for society as a whole and must take a range of different perspectives into consideration.

ForDaySec has therefore published a whitepaper describing action to take to increase everyday digital security: Cyber security in our daily lives

A mature professor smiles at the camera
Prof. Felix Freiling at the closing event for the ForDaySec closing event (image: Jan Greune)

To what extent did you collaborate with those involved in other sections of the project?

Originally, the project had a strongly technical focus. During the planning stages, however, we deliberately chose to incorporate legal and social perspectives as well. This led to a truly interdisciplinary research consortium. Whilst experts from computer science developed technical solutions and explored legal issues concerning responsibilities, we focused on people’s perspectives and their everyday habits.

Further information:

Paper on the smart relays: Do You “Relay” Want to Give Me Away?

Paper on the smart TV: Started Off Local, Now We’re in the Cloud

Contact

Prof. Dr. Sabine Pfeiffer

Chair of Sociology focusing on Technology, Work and Society

Prof. Dr.-Ing. Felix Freiling

Chair of Computer Science 1 (IT Security Infrastructures)

Portrait Prof. Dr. Sabine Pfeiffer
File Name
Prof. Dr. Sabine Pfeiffer
File Size
149 KB
File Type
JPEG
Älterer Professor lächelt in die Kamer
File Name
fordaysec_250626_404489_web
File Size
588 KB
File Type
JPEG