Ways to prevent this include:
- Erase all data and personal information. The manufacturer should provide a method for how to erase your data and personal information from both the device and associated applications. Erasing your personal information ensures that no-one gains access to it after you have disposed of the device. Delete your online account if it is no longer needed without the IoT device.
- Perform a factory reset of the device. A factory reset is designed to erase data kept in local storage and reset usernames, passwords and settings back to default. Check the device’s user manual or the manufacturer’s website for information on how to perform a factory reset.
- Disassociate the device from mobile phones and other devices. Disposing of a device that still has access to your other devices, network or online accounts has the potential for others to gain access. Make sure you check your other devices and remove any pairing with the device you are disposing of. Remove any permissions granted to the mobile application that are no longer needed.
- Remove any removable media (e.g. USB flash drives, memory cards etc) attached to the device. Removable media may contain personal data that is not deleted in a factory reset and should be physically removed, physically destroyed and disposed of separately from the device.