Internet of Things Security: Should We Trust It?

Given that IoT de­vices are quite au­tonomous and can be re­motely con­trolled, there are some se­cu­rity con­cerns. An ex­am­ple of IoT tech is this con­cept of con­trol­ling your home se­cu­rity through a mo­bile de­vice. Let’s say this be­comes a re­al­ity, and I can un­lock my house us­ing my phone. What if some­one hacks into the IoT ap­pli­ca­tion and un­locks my house from thou­sands of miles away? Suddenly this rev­o­lu­tion­ary con­cept be­comes a fright­en­ing prospect. This prospect in­sti­gated a lot of neg­a­tive press in 2015. Was the neg­a­tive press jus­ti­fied or was it just un­cer­tainty and doubt? Well, once the Internet of Things se­cu­rity was put un­der the mi­cro­scope, cracks started to ap­pear.

Security firm Kaspersky did not shy away from com­ment­ing on the se­cu­rity con­cerns. Their cri­tique ti­tled, ‘Internet of Crappy Things’ high­lighted IoT se­cu­rity and the ease in which an em­ployee could hack into his own smart home. Wind River pub­lished a white pa­per on IoT se­cu­rity in January 2015 ” ti­tled search­ing for the sil­ver bul­let which seeks to sum­marise the prob­lem with IoT se­cu­rity. The pa­per states that se­cu­rity must be the foun­da­tional en­abler for IoT. Currently, IoT com­pa­nies have not come up with a gen­eral con­sen­sus on how to im­ple­ment se­cu­rity on the IoT de­vice. There is how­ever a gen­eral per­cep­tion that is en­tirely un­rea­son­able ” that we can some­how com­press 25 years of se­cu­rity evo­lu­tion into novel IoT de­vices. At the end of the day, we should take away one key point, at this point in time there is no sil­ver bul­let that can ef­fec­tively mit­i­gate the threat to IoT.

Hardware Problems

Another con­cern for the time be­ing is IoT hard­ware. The small size and lim­ited pro­cess­ing power of many con­nected de­vices could in­hibit en­cryp­tion and other ro­bust se­cu­rity mea­sures. See Toptal’s ar­ti­cle for more on hard­ware con­cerns. U.S. Federal Trade Commission chair­woman, Edith Ramirez urged com­pa­nies to en­hance pri­vacy and build se­cure IoT de­vices by adopt­ing a se­cu­rity-fo­cused ap­proach, re­duc­ing the amount of data col­lected by IoT de­vices, and in­creas­ing trans­parency, pro­vid­ing con­sumers with a choice to opt-out of data col­lec­tion.

Overcoming the Security Hurdle

There is some good news; the knowl­edge and ex­pe­ri­ence deal­ing with se­cu­rity threats is al­ready here. Our fo­cus should now shift to adapt­ing our ex­per­tise to fit the unique con­straints of IoT de­vices. As the IoT mar­ket grows, we will see more in­vest­ment and se­cu­rity will im­prove. Hardware ori­ented com­pa­nies will see IoT se­cu­rity as a mar­ket dif­fer­en­tia­tor, where bet­ter se­cu­rity may al­low them to cap­ture more mar­ket share. Security is con­stantly evolv­ing to meet new chal­lenges, it won’t be long be­fore IoT de­vices are as safe as me un­der the high ball.