At the end of a long day, you sign off from your remote connection to work. You track your fitness that evening with a smartwatch and later prepare a meal with the help of your internet-connected refrigerator. Before you call it a night, you double-check to make sure the living room lights are shut off and the doors are locked via an app on your phone.
Your devices — and you, by proxy — are part of the rapidly growing Internet of Things.
But IoT extends far beyond the personal. Industries across the world — healthcare, government, transportation, construction — are using IoT to advance products and improve processes using data collected from connected devices.
While IoT grants better opportunities for interoperability and remote connectivity, users and technology teams must also consider and prepare for the security threats that come with that level of accessibility.
Diallo Gentry of XSELL Technologies believes in sticking with the basics and seeing IoT solutions in an uncomplicated light: “IoT devices are simply computers by a different name.” He suggested common technology can be best protected by common solutions. The key for device managers and everyday folks alike is to not forget even the smallest of devices — just because you don’t see it, doesn’t mean it’s safe from security threats.
Even though enacting these security measures sounds simple enough from surface level, IoT is a deep, tangled web. Built In Chicago sat down with Gentry to learn more about his knowledge of current security threats and what protection measures he recommends to today’s technology teams.
What are the biggest security issues currently facing IoT systems, and how can technology teams protect against them?
IoT devices are simply computers by a different name. Therefore, security challenges that have historically beset computers apply to IoT devices. Common examples include weak authentication, weak data protection, poor patch hygiene, and unused or insecure interfaces and network services. And because of the potential “out of sight, out of mind” quality resulting from the small size of many IoT devices, if device managers haven’t established good inventory management practices, these devices are likely to escape necessary attention.
Gentry’s common solutions to IoT security challenges:
- Use strong, preferably multifactor, authentication
- Safeguard data with encryption, and don’t forget to protect the keys
- Patch, patch, patch
- Disable and uninstall any unnecessary interfaces and network services
The ubiquity of IoT adds some nuance to common security considerations, for example, a connected car that is attached to a hospital network. But as far as I’m concerned, if you’re not addressing the basics, the game is already lost before it’s begun.
.jpg)
