Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Ring Rolls Out Mandatory 2FA, New Privacy Controls

Amazon-owned home security and smart home company Ring this week announced new security and privacy features for all of its users.

Amazon-owned home security and smart home company Ring this week announced new security and privacy features for all of its users.

Following reports of hackers accessing Ring cameras and spying on people or harassing them, the company is apparently working on addressing these issues, and has started with a CES announcement on a new Control Center for both iOS and Android.

While the Ring incidents have surfaced problems that are representative for the Internet of Things industry, the issues related to the vendor are not limited to its cameras. Last month, the Electronic Frontier Foundation (EFF) warned that the Ring doorbell Android app contained third-party trackers and was sending out lots of personally identifiable information (PII).

This week, Ring announced not only mandatory 2FA for all user accounts, which should prevent unauthorized access to accounts even if the username and password have been compromised, but also improved control over the information that is being sent out to third-parties.

With mandatory 2FA in place, when a user logs into their Ring account, a one-time six-digit code to verify the login attempt — this applies to all Shared Users on the account as well — will be sent, either via email or as a text message (SMS).

Additionally, the company says it wants to increase transparency into its data sharing practices and to offer users increased control over the information shared with third-party service providers.

“Beginning immediately, we are temporarily pausing the use of most third-party analytics services in the Ring apps and website while we work on providing users with more abilities to opt out in Control Center,” Ring says.

This spring, the company will roll out new options to allow users to further limit the sharing of information with third-party service providers.

Advertisement. Scroll to continue reading.

Starting this week, new options in Control Center allow users to opt out of having their information shared with third-party services for the purpose of receiving personalized ads — although users might still see non-personalized Ring ads from time to time.

“Ring does not sell your personal information to anyone. We occasionally collaborate with third-party service providers that specialize in delivering different benefits, such as identifying and solving your problems faster when you contact Ring Community Support, providing you with personalized Ring offers and discounts, and communicating important alerts about your devices, like when your battery is low,” the company notes.

Related: Smart, or Not So Smart? What the Ring Hacks Tell Us About the Future of IoT

Related: Ring Doorbell App for Android Sends Out Loads of User Data

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.