Making the Internet of Things a Safer Place for Everyone

double exposure of hand showing Internet of things (IoT) word diagram as concept/ Photo By everythingpossible via 123RF

A lot of people do not implement the proper security measures when using Internet of Things devices. Those who think that they are not one of these people should realize that in their homes can be found smart devices or appliances that can be connected to the Internet, according to Francis Dinha, writing for Forbes magazine.


These devices include digital media players such as Internet-enabled TVs and Blu-ray players, game consoles, home security systems, smart baby monitors, smart refrigerators, and thermostats.

When left unsecured, hackers can exploit the vulnerabilities of individual devices to install ransomware, invade privacy, and launch distributed denial-of-service attacks on other organizations. But there are ways that individuals can protect themselves when using smart devices.

Securing Devices

This can be done by updating software, using the proper filters and firewalls, practicing safe Internet habits, not falling prey to phishing scams, and avoiding spoof sites. If possible, two-factor authentication should be practiced.

Choosing Reputable Vendors

Smart devices should only be bought from trusted vendors because they will likely have the latest cybersecurity measures implemented. Their prices may be a bit higher but consumers will have peace of mind.

Upgrading the Security of Home Computer Networks

Home computer networks should be configured so as not to send data without the user’s permission. Passwords should be protected and never shared with other people.

Using Private or Public Cloud Networks

Before using either private or public cloud networks, the merits and risks of such networks should be appraised. The level of privacy provided by such networks should also be verified.

Using a Virtual Private Network

To prevent cyber attacks, home computer routers must have a VPN that functions as a firewall for incoming traffic.

On the other hand, the IoT touts many advantages for businesses, including huge amounts of data to help them serve customers more effectively. But hackers will also try to take advantage of their weaknesses because of the number of products, buildings, vehicle, assets, and devices interconnected.

Laura DiDio, principal analyst at consulting firm ITIC, said any point in the network, from the network edge/perimeter to corporate servers, and main applications to end-user devices and the transmission mechanisms, are all susceptible to cyber attacks. But there are best practices that businesses can resort to in protecting their IoT environments.

Identify, Track and Manage Endpoint Devices

The security of endpoint devices cannot be achieved unless it has been determined which devices are connected and their activities monitored. For Ruggero Contu, director of research at Gartner Inc., this is an important area because the full visibility of interconnected smart devices is necessary for the operational and security requirements of businesses. Didio agrees with Contu and urges companies to make a thorough inventory of all devices connected to their IoT network and look for devices that may contain backdoors and open ports.

 

double exposure of hand showing Internet of things (IoT) word diagram as concept/ Photo By everythingpossible via 123RF

 

Patching Security Flaws as They are Discovered

Patching is one of the fundamental tenets of good IT security, according to John Pironti, president of consulting firm IP Architects. Pironti said a security patch is an admission from vendors that there is a problem in their devices and the patch serves as a solution.

Additionally, there are ways of securing IoT, according to Jay Thoden van Velzen, writing for the Digitalist Magazine.

Risk Management

Cybersecurity relies on a risk-based approach that takes into account the possibility of staging a cyberattack and its impact if ever it happens, which are good indicators of how much security an IoT network needs. But an IoT security measure that monitors, manages and optimizes operations in a factory floor requires stricter security protocols than one that merely turns off the lights in a conference room when sensors detect that is not being used. A successful cyber attack on such a factory could trigger an industrial accident resulting in injuries and loss of lives. On the other hand, the worst possible thing that may happen when sensors in a conference room are hacked is a bigger electricity bill.

Limiting Device-to-Device Communication

It is a common mistaken perception in IoT that many devices are connected to other many devices, increasing the harm that a successful cyber attack can do an IoT network, such as catastrophic failure or the taking over of a significant part of the IoT infrastructure. Limiting the number of IoT devices that can talk to each other, both can be secured better and damage to the IoT can be minimized.

Retaining Control of the IoT Infrastructure

IoT devices should have the needed security and be open so that how they function can be analyzed and understood. Features needed to improve security can also be installed or implemented. This will include the ability to update devices automatically and in a secure way.

 

 

End-to-End Encryption

Communication between devices and data-ingestion points should be encrypted to prevent their being accessed by unauthorized persons. Encryption will also thwart the tampering of sensitive data in transit or the stealing of information to spoof or impersonate the device.

Leveraging Existing Expertise

Proven technologies, tools and best practices used in traditional IT can be used in improving IoT security. These include digital certificates, restricting what IoT devices can do and communicate and by adding protection and monitoring mechanisms.