Protect IoT: it's up to you

[ad_1]
<div _ngcontent-c14 = "" innerhtml = "

The Internet of Things is ubiquitous and continues to grow as manufacturers add computing capacity to an increasing number of their products. All these devices connected to the Internet pose a security risk. It's much bigger than an intruder who adjusts the owner's Nest Thermostat to two degrees. We can all help reduce the security risk badociated with IoT by embracing the concept of collective immunity.

All that is stupid is smart

At the Consumer Electronics Show (CES) 2017, LG announced that it was considering adding "advanced WiFi connectivity" to all of his appliances. It does not matter if you think you need a toaster connected to the Internet. If a device can be connected to the Internet, it will be. & nbsp;

The computing capacity is so inexpensive that we can add it to any hardware. This has tremendous utility when we begin to think about the role of computers in our daily lives (with the exception of a toaster), in manufacturing and in industrial control systems. Suddenly, we can monitor and control everything and anything, from anywhere. & nbsp;

Unfortunately, security is rarely integrated with devices connected to the Internet. While browsing the showroom at CES last year, I saw extraordinary products, including a $ 8,000 beach umbrella who moves with the sun. But when I asked manufacturers how they secured their Internet-connected products and the data they collected, it quickly became apparent that security was a secondary interest for these manufacturers, if it were one.

Smart, but not secure

It is important for consumers and manufacturers to understand the risks involved when devices are connected to the Internet. Often, when users think about security and IoT, they think about someone who remotely accesses their Nest Thermostat or their smart fridge. Remote access is definitely a threat to medical devices. But that does not worry the vast majority of consumers today. The security risk badociated with most devices connected to the Internet is not controlled by the device itself. After all, what does an attacker have to gain by changing the temperature of your thermostat or refrigerator?

The security problem is that all of these devices operate on the same local network (the same local area network as your personal computer devices). It is relatively easy to hack a device connected to the Internet to access other systems on the network and obtain sensitive data. An attacker could access your personal computer's confidential files or obtain tax and financial data on your personal computer, simply by hacking the webcam you configured in front of the entrance to prevent a home invasion.

Protect the IoT: it's up to you to play

The concept of herd immunity, used by livestock farmers, shows how the majority can reduce the security risk badociated with IoT for the whole. The concept of herd immunity basically states that when no livestock are immunized, the disease spreads throughout the population. When some are immunized, the disease spreads to a part of the population. However, when the majority of the population is immunized, the spread of the disease is limited. The same concept can be applied to the IoT.

IoT security recommendations:

1. Place your devices behind a firewall. Attackers can not affect what they can not touch. The devices must not be accessible via the Internet, except in case of absolute necessity. A firewall is a starting point to control access and stateful connection.
2. Fix your devices. Once a year, take an inventory of resources to identify your devices connected to the Internet. Then go to each manufacturer's website and apply the necessary patches.
3. Separate your local network. All IoT devices must be on their own VLAN with their own fake email account, separate from your personal computing devices. A VLAN is not foolproof, but it will deter attackers.

As for manufacturers, they should be held responsible for the devices they sell. They must face the consequences of not securing their products. Any Internet-connected device sold in the United States must have a minimum of lifecycle security support, which includes disclosure of vulnerabilities with minimal response time and a secure patch procedure.

Unfortunately, there is currently no incentive for manufacturers to change and it is incumbent on us to solve the problem of IoT security. But luckily you do not have to go beyond the bear. You just have to leave the guy next to you. If the majority applies the three measures described above to secure their devices, we will all be better off.

">

The Internet of Things is ubiquitous and continues to grow as manufacturers add computing capacity to an increasing number of their products. All these devices connected to the Internet pose a security risk. It's much bigger than an intruder who adjusts the owner's Nest Thermostat to two degrees. We can all help reduce the security risk badociated with IoT by embracing the concept of collective immunity.

All that is stupid is smart

At the Consumer Electronics Show (CES) 2017, LG announced that it was considering adding "advanced WiFi connectivity" to all of his appliances. It does not matter if you think you need a toaster connected to the Internet. If a device can be connected to the Internet, it will be.

The computing capacity is so inexpensive that we can add it to any hardware. This has tremendous utility when we begin to think about the role of computers in our daily lives (with the exception of a toaster), in manufacturing and in industrial control systems. Suddenly, we can monitor and control everything and anything, from anywhere.

Unfortunately, security is rarely integrated with devices connected to the Internet. While browsing the showroom at CES last year, I saw extraordinary products, including a $ 8,000 beach umbrella who moves with the sun. But when I asked manufacturers how they secured their Internet-connected products and the data they collected, it quickly became apparent that security was a secondary interest for these manufacturers, if it were one.

Smart, but not secure

It is important for consumers and manufacturers to understand the risks involved when devices are connected to the Internet. Often, when users think about security and IoT, they think about someone who remotely accesses their Nest Thermostat or their smart fridge. Remote access is definitely a threat to medical devices. But that does not worry the vast majority of consumers today. The security risk badociated with most devices connected to the Internet is not controlled by the device itself. After all, what does an attacker have to gain by changing the temperature of your thermostat or refrigerator?

The security problem is that all of these devices operate on the same local network (the same local area network as your personal computer devices). It is relatively easy to hack a device connected to the Internet to access other systems on the network and obtain sensitive data. An attacker could access your personal computer's confidential files or obtain tax and financial data on your personal computer, simply by hacking the webcam you configured in front of the entrance to prevent a home invasion.

Protect the IoT: it's up to you to play

The concept of herd immunity, used by livestock farmers, shows how the majority can reduce the security risk badociated with IoT for the whole. The concept of herd immunity basically states that when no livestock are immunized, the disease spreads throughout the population. When some are immunized, the disease spreads to a part of the population. However, when the majority of the population is immunized, the spread of the disease is limited. The same concept can be applied to the IoT.

IoT security recommendations:

1. Place your devices behind a firewall. Attackers can not affect what they can not touch. The devices must not be accessible via the Internet, except in case of absolute necessity. A firewall is a starting point to control access and stateful connection.
2. Fix your devices. Once a year, take an inventory of resources to identify your devices connected to the Internet. Then go to each manufacturer's website and apply the necessary patches.
3. Separate your local network. All IoT devices must be on their own VLAN with their own fake email account, separate from your personal computing devices. A VLAN is not foolproof, but it will deter attackers.

As for manufacturers, they should be held responsible for the devices they sell. They must face the consequences of not securing their products. Any Internet-connected device sold in the United States must have a minimum of lifecycle security support, which includes disclosure of vulnerabilities with minimal response time and a secure patch procedure.

Unfortunately, there is currently no incentive for manufacturers to change and it is incumbent on us to solve the problem of IoT security. But luckily you do not have to go beyond the bear. You just have to leave the guy next to you. If the majority applies the three measures described above to secure their devices, we will all be better off.