How To Get Ready With The Unprecedented Growth Of IoT Devices?
The IoT era has already begun and it can be said that it is a stage where it is rapidly expanding now, both at the homes and the enterprise space. By connecting common appliances to the Internet, it is said that living, work, environment, etc. are made more convenient. However, on the other hand, cyber attacks targeting IoT was already raging for quite a while, and there is real possibility that everyone will be greatly affected. How should people and organizations collect themselves in the face of these massive changes unprecedented happening in computing, where common items are becoming ‘smart’.
IoT stands for “Internet of Things“, it means that the simple device is Internet-aware, and it can communicate with other devices while operating. Products beyond personal computers and smartphones with Internet-awareness such as smart televisions and smart refrigerators are becoming commodity items in the appliance retail centers nearest you. The enterprise environment is also changing, with the introduction of smart equipments such as multifunction machines, video conference systems, security cameras, etc.
By embracing the IoT ‘revolution’, it becomes possible to use the embedded device sensors they contain to extend user control. For example, it is possible to detect the activity status of people’s living space such as: opening and closing of the door of the refrigerator, use of the water heater, switch on the air conditioner and sprinkle the hot water in the bath, through the use of a smartphone app by the house’s owners while they are away. Furthermore, it can also be used by government authorities and utilities for avoiding danger with a sensor that detects deflection of a bridge, a sensor that detects the water level of a river, and so on.
In this way, the number of IoT devices that can be used in a wide range of fields is increasing rapidly and is expected to reach 50 billion units by 2020. On the other hand, the security of IoT devices is also concerned. Especially IoT equipment with notification function may be abused and a large scale cyber attack that actually misuse millions of IoT equipment has also occurred. The security measures of IoT devices are an urgent issue.
Here are the tips to secure your IoT devices at optimal conditions:
- Regularly check for firmware updates for your device.
Internet-of-Things devices are no different from a personal computer which stores valuable information and runs using an operating system. New bugs and vulnerabilities are discovered regularly, hence IoT manufacturers continue to release patches for their devices. It is critical for IoT users to use the latest versions of the firmware, this will plug the loopholes and other potential exploits against the device.
- Connect the IoT device behind a router.
Never connect an IoT device directly to the modem or switch, as that basically opens-up the device to the public Internet without the protection of a firewall. Any router that uses Network Address Translation (NAT) doubles as a hardware firewall for all the devices behind it, yes including that generic-looking home routers sold for $20 at any network supplies store will suffice.
- Only use bluetooth feature if necessary (Keep the Bluetooth Personal Area Network private).
Bluetooth protocol establishes its own network called PAN, and enabling Bluetooth 24/7 broadcast its existence to the public round-the-clock. Only use the bluetooth feature if needed instead of being enabled all the time.
- Always download the latest version of the Android/iOS app that controls your IoT device remotely.
Same as the device’s firmware, the app that is used to control the IoT device remotely needs to be updated regularly. Regularly check with Google Play Store or Apple App Store if there is an updated version for the IoT app. The purpose of updating apps is to have the most secure version installed instead of settling with an old vulnerable version.
Also, if the amount of data to be handled increases, inevitably there will be new forms of privacy issues that can not be imagined at this time. However, even in old-fashioned media such as e-mails, challenges remain in protecting privacy, and we are currently hearing news about corporate data mistakes indeed frequently. In addition, it does not mean that it is good if the data is managed firmly inside the company.
For example, even when Target company finds out who was pregnant from customer data and applies it to individual correspondence marketing several years ago, The issue of how far we can grasp unspecified large numbers of personal data are not a future problem. As the Internet’s development progresses, more detailed personal information will be handled, so for enterprises how to do effective marketing without stepping into personal information more than necessary.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.