Office1 Blog

Securing the IoT: What You Need to Know

October 11, 2018 | by Curtis Buhrkuhl


office1-blog-lock
From the beginning, most new technologies are not designed with security in mind.
 The Internet of Things (IoT) is no exception. In a rush to get cool new devices out the door, manufacturers fail to consider security and cut corners, leaving the technology with vulnerabilities. As more IoT devices and applications make their way into the enterprise, this brings forth a major security risk—and a big headache for IT.

office1-blog-check

The future growth for IoT devices is massive. With this exponential growth, it increases the likelihood for security risks. Only 0.06% of all devices that could potentially take advantage of IoT are actually doing so. This leaves the remaining 99.94% available for optimization.

 

Security For Your IoT Projects

Unfortunately, there is no current protocol for implementing security solutions for your IoT technology, but as IT leaders in the industry, we’ve come up with a solution. So if you are currently evaluating (or actively executing) a project involving IoT devices, here are some security-related aspects you should consider:

    • Communication Protocols: IoT devices are not limited to standard Web protocols (HTTP or HTTPS); there are infinite communication protocols in use by various IoT devices in the market. Some communication protocols, like bluetooth, wireless, and wifi, are commonly known. While others, such as 6LoWPAN, Message Queue Telemetry Transport (MQTT), and Constrained Application Protocol (CoAP) are less heard of. The more protocols involved in your system design, the more complex and difficult it will be to secure. Therefore, it is important to choose the protocols that work best for your IoT device in order to avoid outside security breaches.
    • Device Constraints: Understanding the limits of your IoT devices allows you to understand what further security measures need to be taken. IoT devices typically feature low power consumption, with limited processing power and data storage. This limits the sophistication of the security measures that can be implemented on your device. While this is the case for most devices, each one have their own associated constraints which need to be specifically evaluated to optimize the security for the device.
    • Data Capture: An effective security framework will have a way to capture data traffic information. This includes what device communicated at a given time, what communication protocol was used, which entity initiated the communication, and so on. It is essential to implement a data capture tool—without this data, and a solid, intuitive reporting tool, it’s extremely difficult to diagnose and fix security issues.
    • Patching: IoT devices need to be patched and updated from time to time, similar to traditional servers and workstations. It is imperative that patches always be up to date in order to prevent network exposure. Many devices need periodic firmware updates as well. How easily this can be accomplished for a given device is an important factor in the consumers’ buying decision.
    • Environment: There are other parts of your network’s infrastructure, and it is important to evaluate everything to ensure your device is secure. IoT devices interact with your technology ecosystem as a whole. The servers, operating, and data storage systems are just as significant as an IoT deployment. With these devices being so interconnected, it creates a gateways for hackers. To prevent any breaches, assessing how IoT interacts with your current technology ecosystem is crucial in order to make a plan to secure it.
    • Securing Networks: Although an individual device is secure, hackers can use networks as an entry point into the IoT device. There are several different methods to secure your network: 
      • Any standard network protocol: A basic security protocol and updating passwords frequently can go a long way. 
      • Installing a firewall: A firewall blocks all sensitive information and installing one for your network is essential.
      • Using a private network: Just like creating a private network for visitors, you can separate your IoT devices from your regular network to up security.
  • Keep Track Of New and Old Devices: With the vast growing market of IoT devices, it can be easy to forget about your old devices. Old IoT devices can cause an abundant amount of potential threats because their security protocol is not up-to-date. There’s even a possibility that old devices you didn’t even know were IoT devices actually are. This leaves your company’s network vulnerable to threats, and why it’s important to disconnect your old devices from your network. It is also important to keep track and assess your new and current devices. Knowing what devices are connected to your network and how accessible they are is essential for proper security.

Next Steps

IoT devices and applications are expected to continuously grow over the next few years, and some of them will come with compelling stories about increased business productivity, reduced costs, and enhanced process monitoring and control. In order to make sure your company is taking full advantage of the IoT devices on your network, it’s imperative to make sure the benefits outweigh the risks. It’s only a matter of time before your business starts implementing an IoT solution of some kind. Here are some things you can do now to prepare and get ahead of the curve:

Establish Standards and Processes: Be proactive and don’t wait until a pallet of IoT devices arrives on your loading dock to figure out how to manage them. 

office1-blog-stat2
By having this as part of your IT plan there is no need to mish mash. Implement this plan into your workflow process in order to stay proactive and ahead of the game.

Think Industry: Because IoT is a vastly emerging technology, it can drive strategy and focusing on the industry aspect of IoT will help your business grow and ultimately lead it to success. IoT is estimated to add over $14 trillion to boost the economy by 2035 and according to Cisco, the connections will exceed to represent almost half of all internet connected devices in the world by 2020. It is important to be aware of this expected industry growth in order to incorporate IoT into future business plans.    

Guide the Business in the Right Direction: The total cost of ownership and ROI are not the only metrics for evaluating a solution, especially one based on still-evolving technology such as IoT. Security, scalability, and ease of maintenance are just as important. Consider all possible factors to create best IoT solution for you and your business. Workflow optimization reduces costs and allows things to run more efficiently.  IoT allows you to automate industry tasks and communicate sensor data to others. Especially with new IoT devices, it is important to keep your workflows updated as the new technologies arrive. Choose the right systems and tools for your business and create standard processes that will speed up productivity and be the most cost efficient.

Whether you are currently working with IoT devices or preparing to, preparation is key for all the possibilities that lie ahead. Being proactive and following these security steps will lead you and your business on the path to IoT success.

OFF1-P-11121-CTA-v1-01-23-18-01

Categories: Security, Internet of Things

Curtis Buhrkuhl

About Curtis Buhrkuhl

Curtis was born and raised in Americas finest city San Diego and has been with Office1 since 2015. Curtis has been intrigued by computers and tech since he was a kid and it all started by building computers in middle school and now he is currently providing consultation to our clients to organize and build their networks. Helping to bring companies both startups and established businesses into the cloud. By partnering with Amazon Web Services we have been able to successfully introduce them to a new innovative desktop experience.