BLOG

Is Internet of Things IoT secure?

What is Internet of Things?

Smart locks, smart thermostats, smart cars — you’ve probably heard some of these terms lately, and you’re going to hear them even more as the year goes on. But what are these things exactly — and what makes them so smart?

These devices are all part of an emerging category called the Internet of Things, or IoT for short. At its very basic level, IoT refers to the connection of everyday objects to the Internet and one another, with the goal being to provide users with smarter, more efficient experiences.

Data Collection and Security

The various amounts of data collected by smart home devices, connected cars and wearables have many people worried about the potential risk of personal data getting into the wrong hands. The increased number of access points also poses a security risk.

The Federal Trade Commission has expressed concerns and has recommended that companies take several precautions to protect their customers. The FTC, however, doesn’t have the authority to enforce regulations on IoT devices, so it’s unclear how many companies will heed its advice.

Of the companies I’ve talked to, all said that security and privacy were of the utmost importance. For example, Apple requires that companies developing products for its HomeKit platform include end-to-end encryption and authentication and a privacy policy. The company also said it doesn’t collect any customer data related to HomeKit accessories.

Problem with New Technology

The main problem is that because the idea of networking appliances and other objects is relatively new, security has not always been considered in product design.  Some IoT products released came with old and unpatched embedded operating systems and software. Furthermore, purchasers often fail to change the default passwords on smart devices — or if they do change them, fail to select sufficiently strong passwords. To improve security, an IoT device that needs to be directly accessible over the Internet, should be segmented into its dedicated network and have network access restricted. The network layer should then be monitored to identify potential anomalous traffic, and the necessary actions take place if there is a problem.

Securing multiple points of vulnerability, whether that is a company laptop, a valve in an industrial plant or a smart TV in an individual’s home, is a major challenge for organizations and requires a wide-ranging response.

The risks are enormous. With personal data and IP stored on connected devices, hackers have the very real potential to limit an organization’s performance.

Ways to Improve IoT Security

Set up an integrated team of business executives and security specialists

An integrated team will allow for greater collaboration, ensure the business and security concerns are well balanced, and any vulnerabilities can be identified early in the product lifecycle.

Integrate security best practice with the IoT product development process

Business leaders need to identify where their organization might be vulnerable through an analysis of disruptive attack scenarios, and the financial and non-financial impact of an attack on the organization as well as the users.

Educate consumers as well as front-line staff in security best practice

Organizations must inform and educate consumers on best practice, and Front-line staff must be well-trained on how to help customers manage these issues.

Address privacy concerns with transparent privacy policies

For protection to the consumers from potential data privacy breaches, businesses need to develop privacy policies that clearly detail how the data collected from IoT products.  Appropriate analyzed data should set proper procedures readily available for the consumers.

Leave a Reply

Your email address will not be published. Required fields are marked *