• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Network Security

There is No S for Security in IoT

Notice that it isn't called IoTS. Security is something that is missing from the Internet of Things equation

February 14, 2017 Josh Erdman 1 Comment

You do not have a cell phone, you have a computer in your pocket that can make phone calls; you no longer drive a car, you are driving in a computer whose computer case is shaped like a car and is designed for transportation.  The same can be said about thermostats, X-ray machines and yes – security camera systems. We now know these internet-connected devices as the ‘The Internet of Things’ (IoT) and we in IT have a joke about it.

“What does the “S” in IoT stand for?”

“There isn’t an “s” in IoT.”

“Exactly.”

“S” is for Security

With the quality varying in the vast array of IoT devices, there is plenty of low hanging fruit for bad guys to take advantage of. Usually, this means hackers taking control of a device so they can add it to their ‘zombie’ network of infected, remote controlled Internet devices. You may have heard of this before, it is called a botnet. Remember when Twitter, Netflix, CNN, and Reddit went down late last October? That was a botnet.

“P” is for Protected

To address the security of your network, answer these two questions:

  1. How do we ensure that none of your equipment would become part of an infected botnet?
  2. How do we protect your office network from the bot-nets that already exist?

I previously mentioned that the bad guys go for the low hanging fruit.  What does this look like?  Take network-based, wireless security cameras for example – aka “nanny cams”. You can find these devices ranging in price and quality from $35 to well over $2000.  Parallel to this large span of pricing lies a huge difference in features, and quality.

Related: How to Handle Internet of Things Security

When we focus on quality there are certainly the physical tangibles: ability to withstand abuse, quality control of the product before it leaves the manufacturer, quality of the lenses and the image the camera takes.  However, what is frequently overlooked by the consumer is the quality of the intangibles: quality code (code that is secure, stable, and frequently updated).

You Get What You Pay For

The equipment on the lower-end of the scale, like a nanny cam, is most likely rushed through production – with the only requirement being that the equipment functions as advertised with little to no effort spent on reliability and security (despite the claims on the box).

If you happen to purchase such equipment – you alone would be responsible for visiting the manufacturer’s website to download and install firmware updates for security – and that is assuming the manufacturer even releases security updates. This kind of sloppy security can lead to hackers watching your nanny cam feed – even if it is password protected. Effective security and automatic updates are what companies pay for when they purchase more expensive network equipment.

The Cost of Security

A deep investment in network security means your servers are protected with patch management, the routers are the only equipment directly connected to the internet, monitored, and the firmware is upgraded regularly of each device monitored remotely.  The rest of your equipment, access points and switches are commercial grade, also monitored, and not directly connected to the internet so if they were to get infected, it would have to be an ‘inside job’.

Now that we know what is necessary to prevent your equipment from being infected, let’s focus on the second half – how do we protect your already healthy network from the millions of infected devices on the internet? By putting all your equipment behind a firewall so the outside world cannot directly communicate with them.

Long story short, when it comes to your IoT, YOU are responsible for adding the “S”.

 

Josh Erdman of TekTegrity has been in IT since 1997 and never leaves behind an opportunity to learn something new. He is a true ‘Jack of all trades’, a skill he taps into with his consulting, as he is always on the lookout for new ways to merge technology with business processes. In his spare time, Josh jumps into any opportunity to present technology and science to kids and loves public speaking.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Cyber Security, Internet of Things

Related Content:

  • data breach Nearly 900 Schools Impacted by National Student Clearinghouse…
  • Progress MOVEit vulnerability Progress Software Urges Further Action to Prevent MOVEit…
  • June 2023 Patch Tuesday. Patch Tuesday, June 2023 Patch Tuesday: Exchange Server, SharePoint, PGM
  • Fortinet Vulnerability, Fortigate Patch FortiGate SSL-VPN Devices Immediately

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Trackbacks

  1. Better Protection of Consumer Data and Connected Devices a Top Concern - My TechDecisions says:
    December 12, 2018 at 4:01 pm

    […] The Economist Intelligence Unit, huge majorities of consumers around the world don’t think their IoT data is safe, and they want something done about it before the problem spirals out of […]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Advertise with Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSDO NOT SELL MY PERSONAL INFORMATIONTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.