Internet of Things – Security Challenges

dedicated secure phone vs secure apps
Dedicated Secure Phone vs Secure Apps
June 25, 2018
Mobile Applications Security Vulnerabilities
Mobile Applications & Security Vulnerabilities
June 25, 2018
dedicated secure phone vs secure apps
Dedicated Secure Phone vs Secure Apps
June 25, 2018
Mobile Applications Security Vulnerabilities
Mobile Applications & Security Vulnerabilities
June 25, 2018
Internet of Things or IoT is a network of physical objects or things connected to the Internet. The objective of Internet of Things is to enable these objects or things to communicate and exchange data with each other.



These objects could be anything like mobile phones, TV, watches, car, headphones, lights, house-holding items like refrigerator, washing machine, microwave oven, etc. These objects and entities, known as things are provided unique identifiers and the ability to transfer data automatically over a network.

The communication in Internet of Things (IOT) comes from computing devices and embedded sensor systems used in industrial machine-to-machine communication, smart energy grids, smart homes and building automation, vehicle to vehicle communication and wearable computing devices.

However, since the idea of communication between physical objects and the internet is relatively new, the security could at times become vulnerable. Increased automation and digitization creates new security challenges. Security of multiple points in the network is challenging and the risks are huge.

Cyber Security is of utmost importance in Internet of Things, and security is not given the highest priority, the whole business model based on IOT will be undermined.


Some of the security challenges identified in Internet of Things are:

  1. Increase in vulnerability points:
    As there are millions and billions devices connected in the Internet of Things. Each of these devices create a potential security risk as they represent a potential doorway to your IT infrastructure and data.
    A study by Fortify, a part of HP, showed that 70 percent of the devices connected in the IOT are vulnerable to the security issues.
  2. Privacy Concerns:
    Most of the devices connected in the Internet of Things in one way or the other collected at least some personal information of the user from the device or from the application. Some of the devices even transmit this information via the network without any encryption. This makes the data vulnerable to theft and misuse if accessed by an unauthorized person.
  3. Authentication and Authorization:
    Weak and easy to break passwords add to the vulnerability. A lot of users configure their devices and accounts with weak passwords. Some of the users don’t even change the default passwords given by vendors for the devices.
  4. Not all devices connected are encrypted:
    In Internet of Things the devices connected communicate with each other by transferring data from one device to another device via the network. Most of these devices fail to encrypt the data and hence an addition to the security issues. Encryption in IOT should be of the highest priority seeing the amount of data and information that transferred between the devices, the cloud and the mobile applications.




It is crucial to take care of the above security challenges and make Internet of Things more secure and trustworthy for users. Security of Internet of Things is a multi-layered approach, and security needs to be taken care of at two levels – the device level and the network level.
This will be ensured by increasing the security level around the following.

  1. Secure Booting:
    Secure booting will ensure that the device only allows an authorized access and keeps the hackers away. This could be done by using a digital signature, or a cryptographically signed code.
  2. Secure Code Updates:
    Secure code on the device should be updated for any bug fixes or security patches ensuring that any malicious code does not enter into the system.
  3. Access Control:
    Access Control methods should be installed into the device to allow it to only access the necessary resources required to perform any action.
  4. Device Authentication and Data Security:
    It is important to prevent unauthorized access to the device, data storage or communication. Data Storage and communication needs to encrypted. All communications with the device should be authenticated, the device needs to be authenticated prior the device communicating over the network.
  5. Secure Communication:
    Incoming and outgoing communication from the device needs to secured and encrypted. Strong encryption protocols should be used to encrypt the communication.
  6. Prevent Cyber Attacks:
    It is important to prevent any sort of cyber attacks. This can be achieved by embedding firewalls which would provide a layers against such attacks by inspecting the traffic at the device and stop the malicious attempts and block the hackers before launching an attack.

Taking care of the above points will ensure that security and privacy in Internet of Things is fully protected and not compromised.


References:

http://www.cmswire.com/cms/internet-of-things/top-5-internet-of-things-security-concerns-026043.php
http://www.vyzvoice.com/the-internet-of-things-security-challenges/#_ftn1
http://internetofthingsagenda.techtarget.com/definition/IoT-security-Internet-of-Things-security
https://securityintelligence.com/how-the-internet-of-things-iot-is-changing-the-cybersecurity-landscape/

Read more about Kryptotel’s services in the field of Internet of Things.


Feel free to get in touch with Kryptotel for any further information on how to improve security in Internet of Things. Please visit us at: www.kryptotel.ae.