Previous literature has investigated if mobile applications unregulated by the United States, such as Tik-Tok, can have a detrimental impact regarding the vulnerability of personal identifiable information of their daily users and are therefore worthy of banned designation for consumer use in the United States. The research conducted in these findings aimed to assess the benefits and downsides of user-permitted data collection from mobile applications such as Tik-Tok including whether Tik-Tok indeed poses a serious national security threat due to its potential exploitation from foreign governments, therefore warranting government escalation from being closely monitored to banned status. This chapter's research also consisted of analyzing emerging trends in the mitigation of data security of consumer devices industry in the instances of cloud computing, 5G implementation in home automation, and mobile applications privacy. Previous findings implicate the potential vulnerability of PII in mobile applications and support the notion of Tik-Tok becoming banned by the United States.
TopCloud Computing
Cloud computing has become a common mechanism allowing users to enjoy increased functionality for productivity and allocate important information for flexibility in managing and sharing data. By accepting terms and conditions from cloud providers, users must inherently trust that their information is being kept safe while still acknowledging that they are responsible for any of the outcomes involved in information stored on the cloud were to become compromised. Many cybersecurity experts recognize that cloud configurations are often targeted by hackers or persons with dubious intent to steal personal or private data as well as gain access to credentials.
Cloud computing is often featured in three distinct forms such as Infrastructure as a service (IaaS), Platform as service (PaaS), and Software as a service (SaaS). Regarding the mitigation of data security risks in the industry of consumer devices, all three variations of cloud computing involve third-party vendors handling virtualization, networking, storage, and server maintenance. With that in mind cloud computing can be prone to class break vulnerability due to misconfiguration from users. Arce sheds light on an instance in which “during the summer of 2019, a former AWS employee exploited a misconfigured Capital One server to obtain the credentials needed to steal 106 million Capital One records stored on AWS” (Arce, 2020, p.4). With cloud computing, scenarios like the one aforementioned are expected as indirect risks arise during the process when developers of products and services become connected with users through exchanges within cloud computing. Arce touches on this concept by divulging that “cloud services providers create indirect externalities in that the value of the CSP for those on one side of the market rises with increased participation on the other side of the market” (Arce, 2020, p.5) and also points out that the cloud exchange markets are plagued by individuals such as hackers with the sole intent of commandeering vulnerabilities in cloud services for malicious uses.
The reputation of cloud-based providers (CSP) in mitigating exploitation and responding resoundingly to threats is paramount for their value perceived by consumer users. Within PaaS, CSPs are responsible for the security of API, in SaaS cloud architecture is the responsibility of CSPs, and in IaaS the hypervisor is the liability of the CSP. The variability in responsibility in the different cloud computing models demonstrates the shared liability model in cloud adoption by consumer users. Acre characterizes the properties of cybersecurity symbiosis within the growing trend of cloud computing as an inverse relationship in which competition between CSPs influences cybersecurity and cybersecurity shapes competition between CSPs. (Acre, 2020)