When it comes to IoT security risks, we know that there are many areas of potential vulnerabilities that we must be watchful of. We’ve become accustomed to data security threats, but the embedded devices on the Internet of Things (IoT) pose different challenges than those of the computers and mobile devices.
Embedded device examples include: FitBit heart rate monitors or accelerometers that give accurate readings to your cell phone, POS devices, medical devices, home monitoring sensors, etc.
Smart technology is new and still emerging. As it evolves, we need to be aware of the gaps that create hacking opportunities.
- Mass production enables mass hacks.
These embedded devices are produced in large volume, with each one identical to the next. Once a hacker has figured out how to hack one, he applies that method across any and all of those devices.
- Security isn’t built into the device.
Manufacturers don’t design the embedded devices with security. They assume the user will handle that task, according to their desired protocols. When security is a layer on top of the device, it is more susceptible to hacking.
- Upgrades are a problem.
Security patches and upgrades are easy for our standard computing devices, but the IoT’s embedded devices rely solely on the factory-installed software. If the update capability isn’t built into the firmware by the manufacturer, you may not have the capability or storage capacity to update it.
- Enterprise firewalls don’t recognize the protocols.
Your enterprise network’s firewalls are designed to fend off unknown protocols to prevent attacks. Embedded devices feature a specialized protocol that may not penetrate your firewall.
- Intrusions go undetected.
The monitoring protocol you use for your standard network is very different from the intrusion detection you need for the IoT. If you don’t deploy a monitoring system specific to embedded devices, you’ll never know when and how many times the system is being hacked.
- Mobility side-steps security.
When an embedded device is used outside the secured environment, the user is risking unprotected Internet connectivity.
There is no quick fix to these vulnerabilities. Security should begin in the IoT device design, and that will require evolution by device manufacturers. However, you can be careful with your choice of embedded devices and the way you integrate and maintain them on your network. Look for those that allow for security updates. Monitor—or block—remote access. Invest in the developing security protocols specific to your IoT, because your current enterprise data security isn’t enough. Click here to learn more about IoT security tips.
About the Author:
RAD DeRose is the President & CEO of L-Tron Corporation. He has over 30 years experience in industrial automation and data collection technology solutions and brings a deep industry knowledge-base on the challenges faced in the commercial and public safety sectors. RAD can be reached at (800) 830-9523 x114; rad.derose@L-Tron.com.