The internet of things (IoT) refers to the network of physical objects embedded with network connectivity.
This technology allows devices that were previously silent to communicate and share data. For instance, objects as complex as automobiles, public transportation and heart monitors can now share data with appliances like washing machines or refrigerators. The result is an explosion of both data creators and data collectors.
However, as the initial excitement and possibilities about IoT have subsided, it has created serious concerns about the functionality and security of connecting everyday devices. With experts forecasting that as many as 50 billion IoT devices could be connected by 2020, IT professionals are grappling with the problem of securing so many devices.
One of the fundamental issues of IoT security is the sheer number of gadgets for which to account. Securing that many devices behind a single security firewall can be difficult. Just a few years ago we only had to worry about digitally securing our computers. Now we have to consider protecting our cell phones, wearable devices, home appliances and more.
Properly securing IoT could require an enormous investment of resources. Businesses already worry about the security of their networks being used through computers and smartphones, but as IoT grows, businesses may also have to secure ordinary objects, such as the motion detector that monitors how many people are in the conference room.
To make matters worse, HP has estimated that as many as 70 percent of IoT devices could be vulnerable to attack. With smart devices, such as watches, baby monitors and garage doors taking in thousands of data points daily, even small breaches could compromise millions.
IoT brings a wealth of benefits and advantages to both businesses and consumers.
People who utilize smart devices can count on a treasure trove of relevant and targeted data. This can help companies manage everything from inventory tracking to remote workers. But managing our new smart gadget-driven world is not without potential pitfalls and security headaches.
Here are a few ways they can protect devices and networks from unwanted and malicious intrusions and keep consumers safe.
Developers need to ensure their devices are patchable, and then stay constant and current with available security updates. A problem still exists when patches are released, but users fail to take the necessary steps to update their devices – leaving hundreds of millions of unpatched and unsecured devices on the internet.
There is only so much that manufacturers and developers can do to remedy this problem, but two suggestions are to send alerts to users when a patch is available or allow users to opt in for automatic updates.
Even when developers are proactive with patches, they need to understand these security updates will impact every user differently due to the variety of operating systems in use on individual devices. For instance, Apple, Samsung, Google and Microsoft all have their own IoT platforms, which don’t always communicate well with each other.
Developers need to consider a multi-layered security approach which will effectively function throughout the lifecycle of an IoT device, regardless of the operating system it’s running.
The next time you scan for nearby Bluetooth connections on your cell phone in a crowded place, you’ll probably see a few smart devices pop up.
Most devices already require passwords or two-step verification to connect, but developers should consider adding this security measure to all IoT products. Users will want their devices to automatically connect, but this should only be an option after security and authenticity are initially verified.
The simple fact is that most people who use IoT devices do not understand how they work and may wrongly assume that their devices are secure, which may not be the case if the product is discoverable by default.
Unfortunately, until there is a massive IoT security breach (and it’s likely not a matter of if, but when), we really won’t understand the risks associated with all of our interconnected devices. This is not to say we should abandon an IoT world because the security threat level is too great; the benefits far outweigh the risks.
While developers and manufacturers do hold some of the responsibility of mitigating these risks, the onus is also on users to understanding how devices will share their data and taking proactive steps – like downloading those security patches and frequently updating passwords – to protect their personal information.
Does your business have network security or IT infrastructure needs? Contact us today to learn more about INAP’s high-performance network services that will keep your applications running as fast as your business.