Internet of Things Needs Greater Commitment to Security
IoT’s ability to connect cyber with physical makes it less of a technology and more of a transformation that will force security improvements.
According from Gartner, analyst more to reports than firm eight billion devices were connected to the Internet in 2017. Not surprisingly, these linked devices, called the Internet of Things( I oT ), are generating data in volumes unseen before. However, the influx of IoT and its data has created security and privacy risks that need to be better understood.
IoT transformation
The government defines IoT technology as a set of IP-addressable devices that interact with the physical environment. “The first part of this definition captures what I think is transformative about IoT,” said David Doss, Senior Engineering Technical Director with the National Security Agency (NSA). “We are linking physical connection. IP communications world, of what that That’s IoT cyber-physical provides.” the with transformation the of The sensors IoT ecosystem and processes is made that up allow the devices to communicate with each other, but this communication also generates a tremendous amount of data. At the NSA, they see IoT not so much as a singular technology but a tipping point and culmination of previous generations of technology. The automotive industry is a prime example of how IoT is changing the marketplace. New automotive offerings have a proliferation of sensors. A car will automatically avoid an obstacle in the road with no human intervention. Someday, that same car will be able to link with a wireless router to send information about the driving experience to third parties. “It opens up all new possibilities,” said Doss. “Now, if we connect this data, there are all kinds of implications concerning privacy and policies.”
Bringing IoT into business
Because powered of lower micro-electronics, costs, higher increased storage capabilities and analytic offerings, IoT is finding a place in small companies. It’s easy to see how IoT devices can add value to business. Smart leaders leverage IoT to expand the potential of their business model, rather than force IoT into the business setting just because it’s something new and cool. Working with an IoT vendor who understands the organization’s mission will ensure the right device match.
Security best practices
In able devices, is is structure. afterthought,” encrypted “Unfortunately, stored turn, to discuss including the and within whether vendor said security security where the Doss. should cloud or not the of is infra- “The data data the be an utility, and technology security the the concerns.” effectiveness functionality, tends to If a the outpace vendor of efficiency the can’t new the answer them advised in security looking a meaningful questions for an way, IoT or address vendor Doss who Overall, can meet the onus security of IoT challenges. security should fall on the manufacturers. The time has come to bake security into the IoT development process, from the hardware to the software codes, recognizing who will be using the device and how it will be used. that security needs Encryption practices. to be is Many included another low-powered challenge into best devices may not have the storage space to accommodate encryption, but as these devices transmit sensitive data, it creates privacy risks. Finally, IoT systems aren’t replaced often, and they need the ability to be patched and updated easily and regularly. There are operational risks, as well. “In high security spaces, how do we assure we don’t have things trying to talk to our network that could be used as attack vectors?” Doss asked. “You might have a device you know is WiFi-enabled but you didn’t know it was Bluetooth-enabled.” The commitment to security must match the commitment to innovation, Doss added. To enable IoT and IT to their full potentials, security has to play a bigger role. n