Co-Author: Nirmal Kumar
Why is IoT security a big deal?
The IoT security breach is dominating the headlines lately. Recently WikiLeak’s CIA document proved that IoT devices such as smart TVs that are connected to the internet could be used to secretly record conversations. Dyn, a popular internet service provider disrupted the access to its popular websites where the hackers utilized the DVRs and cameras of the connected devices. The vitality of IoT device security is a huge deal of concern with a lot of dependencies that get created around big data and personal data. The security gurus have deduced that the potential risk of unsecured Internet of Things devices is going to be significant as the number of estimated IoT users will reach 40 billion by the year 2020. Much of these applications come from the communication of computing devices and embedded systems sensor used in machine-to-machine communications, smart energy grids, wearables, and smart cities.
The issues with creating a more robust security concern the processors that are being programmed with software as the R&D process for introducing a more efficient embedded system. Improved security means viewing it as a whole new infrastructure with a lot of silicon in server CPUs, expensive DDR4 ECC RAM and even bigger SSDs, all housed in expensive servers, in bigger data centres. Since consumerism is directly proportional to the thriving trends, creating a robust and secured system is not just cost consuming, but the physical design of the device becomes large which doesn’t tend to the ROI expectations of investors. In other words, the selling point of the device in terms of security will not make up for the fact that the newer device would be battery consuming, and not at the right price point for customers.
IoT as a necessity
Ever since smartphones have made their mark in the tech industry, the consumerism and dependency on them have been proportionally expanding and so has IoT. Have you ever wondered how a relevant voucher or suggestion from an app “magically” appears when you step foot into the grocery store? Or how you get a pop up from a travel app quoting, “How was your recent trip to Mauritius? Here is your timeline!”(I, personally, was shocked when I saw the notification for the first time because till then I didn’t know the app had permission to my phone’s GPS). I’m sure there’s a lot of people who use Internet of Things devices such as iWatches and Fitbits to track their health and record every step of data including the whereabouts, home and office timings. This is just the tip of the iceberg. Our phones remember more than we do. The point is, smart “things” do most of the “talking” and take smart decisions more than people do, and a lot of these are dependent on very sensitive data that we store on our devices, which is highly susceptible to hacking when considered on a large scale.
The explosion of these technologies also comes with the threat of cyber-attacks. The fear is not only among common people. From tracking your morning steps to your sleep habits, recording every personal health information, smart fridges, smart TVs, transportation and baby monitors, the gadgets hold detailed sensitive information on an individual. Even though you personally don’t suffer the consequences of being hacked, our connected devices may inadvertently be cooperating with criminals. The effects of these attacks are humungous, making every individual vulnerable at the end of the day.
What is being done to secure IoT?
A survey conducted across six countries regarding the need for secured IoT shows that 89 percent of the respondents expect security to be built in their gadgets and that at least one device is connected to their home. India tops the list with a 97 percentile on the devices connected to home.
Recently IBM has developed X Force Red, a new IoT security service that helps test the devices through development and deployment. The study commissioned by IBM proves that X Force Red services offer an added layer of protection for vulnerabilities that might be introduced after the production phase which secures the deployed devices. The group also aims in developing standardized protocols in automotive industries and help clients secure network, hardware, and human interactions. IBM also recently introduced a new security testing portal called the Red portal and a new password cracking cluster known as Cracken.
What do we do about it?
Even though IoT security depends on a lot of external factors and solutions with best practices are being constantly developed by tech moguls, there are a few essential tips which can be adopted by us to guard our personal data:
- Password Protect- It is not just necessary to safeguard your devices and connectivity with strong passwords, but to keep updating them with newer, less predictable patterns. Do it periodically for all the connected gadgets.
- Careful with Internet Connections- Avoid using Wi-fi connections that aren’t password protected when you try to gain remote access. You may risk your device to hacking by connecting to such Wi-fi.
- Security Patches- Constantly update your device with latest system updates and check for security updates for the device in their manufactures website.
- Default device settings- Most smart devices feature adjustable privacy settings. Depending on the desired level of security you can enable or disable certain connectivity features. For instance, if you are suspicious of voice control or motion sensor you can turn them off and always turn them back on when needed.
- Segment your network– Many routers allow you to set up multiple networks. Consult your service provider or check out the router’s manual to establish a separate connectivity for IoT devices. The more you segment the harder it is for the hackers to access all of your devices and data.
- Disconnect your devices when not in use– While some devices require constant internet connection, there are some devices like your smart TV, coffee makers, and video cameras that can be switched off when they are not being used.
Technology has come a long way with its uses penetrating human life in a mind-blowing way so much so that we cannot imagine life without the Internet.
Things have been made so user friendly, that most of our “life’s data” is inside these devices giving us smart reminders beyond our needs and constantly leaving us in awe every time a new concept of IoT is introduced. Such sensitive data must be protected from cyberattacks with the help of more regulated protocols and systems that thrive in updating the security of personal and big data.