On this last day of National Cyber Security Awareness Month, which is also Halloween, let\u2019s look at something \u201cscary\u201d \u2013 if you value privacy and security \u2013 as was pointed out recently by the NSA.Years ago, it became a challenge to find a decent new TV which wasn\u2019t \u201csmart,\u201d but now the NSA has warned that the same may become true for office furniture!Why is the NSA talking about IoT office furniture? Because the agency has to buy desks and chairs the same as any other business. If that furniture is \u201csmart\u201d? Well then, that\u2019s one more potential entry point into a network or an avenue for threat actors to gather sensitive information.Apparently, connected office furniture is part of a growing business trend; IoT connectivity allows for the wireless tracking of how efficiently the workforce uses equipment and spaces. Data from integrated sensors in \u201csmart\u201d furniture is supposed to help companies improve workers\u2019 productivity and potentially maximize existing spaces such as use it or lose it.In the article, Connected Desks Aren\u2019t What They Used to Be, the NSA wrote:However, this connectivity and information gathering raises security and privacy considerations. As connected furniture becomes more common, you\u2019ll want to consider potential vulnerabilities that may be integrated as part of an IoT wireless solution (e.g. the sensors themselves). Cloud infrastructures pose another potential vulnerability as more and more devices use the Cloud for data storage and are at risk for this information to be stolen. Privacy concerns may include the risk of revealing personally identifiable information (PII), through either accidental or intentional malicious efforts to extract information.An October 2018 research report, China\u2019s Internet of Things (pdf), was a project conducted by \u201cSOSi\u2019s Special Programs Division (SPD), the premier open source and cultural intelligence exploitation cell for the U.S. intelligence community.\u201dMany of you would likely rather poke a stick in your eye than read a 202-page report \u2013 a nice chunk of those pages consisting of IoT privacy policies, but it delves into how China is becoming more dominant in the IoT arena and is therefore in a position to dictate rules of international standards, including those that impact the security of IoT devices against unauthorized access.The report looks at previous and known vulnerabilities in Chinese IoT products and discusses how Beijing\u2019s \u201cresearch into IoT security flaws and its growing civil-military cooperation raise concerns against gaining unauthorized access to IoT devices and sensitive data.\u201d While we mostly hear about back-door flaws that enable unauthorized access to IoT devices, the report points out that \u201ceven authorized access to these devices may reveal large amounts of sensitive data on U.S. citizens.\u201d That \u201cauthorized access to IoT data of U.S. consumers will only grow as Chinese IoT companies leverage their advantages in production and cost to gain market share in the United States.\u201dNot that it means your potential connected office furniture would be made in China, or contain components made in China, but\u2026 .Now, back the NSA\u2019s warning about IoT office furniture. The post stated:NSA is thinking about the implications of connected smart furniture because, like business, we have to buy office furniture, too! Soon it may not be feasible to procure the old unconnected \u201cdumb\u201d furniture, as some estimates for growth in the smart furniture area project a 20% Compound Annual Growth Rate (CAGR) between 2018 and 2026. Not only will smart furniture be more common, it may become integrated with the rest of our connected buildings, homes, and lives to truly optimize the effects of connected things. Going forward, we will need to scrutinize all sorts of equipment to manage security and privacy implications in the workplace.The bottom line is that connected devices provide more entry points for adversaries to attack a network than ever before. And as we enjoy more personalized care from everyday items like our office furniture, we may unknowingly be giving our adversaries more sensitive information than we intend.You may not think that \u201csmart\u201d furniture will become an actual big thing, but some said that about other items \u2013 and good luck trying to find a decent vehicle or even a TV that isn\u2019t connected. So if you want \u201cdumb\u201d furniture, then maybe you should consider shopping for it sooner rather than later when more office furniture will come with IoT connectivity?