Designing a more secure future for the IoT
Thu, 06/20/2019 – 05:41
Last week, I attended the LiveWorx conference in Boston. The show, which showcased solutions built for a connected world, was entertaining and eye-opening. It also further reinforced the need for a secure connected world.
The Internet of Things has become the lynchpin of nearly every digital initiative and interaction. That’s because connected devices and systems provide a wealth of exciting and valuable opportunities for both businesses and consumers.
But the IoT also comes with some major challenges, such as the fact that many connected devices lack proper security. That creates vulnerabilities attackers can use as entry points for their dirty work.
Guarding against such risks can be complex. There are a lot of different kinds of connected endpoints out there. Each IoT implementation is different. And finding device authentication and data protection solutions that can span distributed networks and provide scalable encryption key management without impeding data analytics can be a serious challenge.
IoT adopters and industry players can address these challenges by taking a few important steps.
First, they should encourage security by design. That involves requiring device manufacturers to build security into their solutions. The more manufacturers do to incorporate security features, and make users aware of their presence and how to use them properly, the better.
While security by design is a good start, it doesn’t mean users can rely exclusively on manufacturer-provided security. Individuals still will need to be vigilant, as some aspects of security by design hinge on the efforts of IoT users.
For example, users who choose weak passwords to replace device default settings aren’t much more secure than they were initially. And those with devices made by manufacturers that go out of business may stop getting device security updates, increasing risk of keeping them in service.
People and organizations wanting secure IoT experiences also should encrypt sensitive information collected by connected devices. And they should demand that manufacturers employ digital signing to ensure the authenticity and integrity of software updates and help prevent the introduction of malware.
The IoT ecosystem also could benefit from greater transparency around the types of software and hardware used in specific products. That way, IoT companies and customers could more easily assess their risks when new vulnerabilities – which are inevitable – arise.
When it comes to connected devices, data and networks, there’s a lot to be concerned about. But there’s plenty of good news, too.
Governments and the IoT ecosystem are working to address IoT security challenges, educating businesses and consumers on their roles in securing connected devices and systems and pushing for greater transparency to drive more informed behaviors and buying decisions.
That will be important as the IoT continues to expand its role in consumers’ daily lives, in government and across industries. And that expansion is moving fast. IDC expects worldwide IoT spending, which is pegged at $745 billion this year, to surpass $1 trillion in 2022.
Interested in discussing further? Don’t hesitate to contact me on Twitter @johnrgrimm or follow nCipher on Twitter, LinkedIn, and Facebook. You can also click here to find more information about nCipher’s IoT security solutions.
*** This is a Security Bloggers Network syndicated blog from Drupal blog posts authored by john-grimm. Read the original post at: https://www.ncipher.com/blog/designing-more-secure-future-iot