The term IoT (Internet of things) was first used in 1999 and since then it has come a long way. Today IoT is nearly inevitable in situations where internet connection along with computer abilities are applicable to sensors, devices and even items that are used every day. IoT has made a lot of sci-fi items a part of everyday life. For example driver-less cars, refrigerators that suggest recipes, smart systems that can self-improve electricity regulation, wearable gadgets, and more use IoT to work. So, it is safe to say that IoT is here to stay. As technology continues to progress, customer data security concerns also tend to sore high. The growing use of the Internet of Things makes customer data easily accessible and vulnerable to theft as well as misuse. There have been instances wherein prominent IoT workshops participants have hacked into a car’s network without even getting inside one. In this article, we will discuss how the privacy of health details, financial records, personal details, etc. are at risk. Also, concerns like storage, data selling, and customer privacy must be taken into consideration. Here are a few things that we can take into consideration when it comes to advancement in IoT: Protection of Access: Operating systems are built with access control systems. These systems allow applications to use select resources as and when required. Even in case of breaching the access control ensures that the thief gets negligible access to other sections of the system. The access control works in correspondence to mechanisms in a network base access. This means that even if the credentials are gained through unethical means the information access will be limited to the person’s authorization. Digital Signature: Digital signatures are one way to verified software authenticity. The digital signature works similar to that of a written one. It makes sure that only the authorized version of a software is installed on a particular device. These precautionary measures can help prevent data breaching. Auto-Authentication: Auto-Authentication is necessary in case a device is connected to the network. We can ensure the correct identification of devices before authorization with the help of machine authentication. Firewall and Protocols: When a device’s performance is directly proportional to traffic control, the firewall plays a vital role. A device which is deeply embedded will have protocols that are distinct and different from IT enterprise protocols. This means that a particular device will filter out data that is not meant for it. Patches & Updates: Constant updating of software and security patches is also one way to keep the device secure. Device authentication procedures before updating this software and patches will allow for added security.