What is the Internet of Things?
The Internet of Things, (IoT) is the internetworking of physical devices, (also referred to as "connected devices" and "smart devices"), buildings, automobiles, trucks, aircraft, ships, animals and other items that are embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.
The Internet of Things
In 2013 the Global Standards Initiative on Internet of Things (IoT-GSI) defined the IoT as "the infrastructure of the information society." And it is way bigger than most people think. Some experts expect it will be 50 billion devices by the year 2020. Others think it is already there!
The IoT allows objects to be sensed and/or controlled remotely across existing network infrastructure Creating opportunities for more direct integration of the physical world into computer-based systems, resulting in improved efficiency, accuracy and economic benefit in addition to reduced, (in some case without) human intervention.
Do you have a smart phone? Then you can monitor your home camera system, close or open the garage door or turn up the heat from anywhere you happen to be as long as you have Internet access. Does your pet have a chip implanted? If so then they are part of the IoT too.
We now have cars that will stop for you if you forget to watch what you are doing or park themselves if you don’t know how. There are smart clothes that monitor your physical condition, a refrigerator that tells you when you are out of food, a smart toothbrush that tells you what areas of your mouth you have neglected even an intelligent hairbrush that does something! Machine learning means the IoT knows more about you that you do, hopefully not in a creepy way.
With technology like Alexa, (the Amazon Echo) you can control things with voice commands but there is a downside of all this. Having an open mike in your home or office could cause problems for certain politicians and business leaders. Privacy is basically a thing of the past.
Most of these connected devices are rarely protected. They have been used in DDoS attacks like the one on October 21, 2016 against Dyn that took down PayPal, Spotify, Reddit and others. And it was perpetuated not by a foreign power but by amateur hackers who took over these connected devices and used them for their own purposes.
What can you do to protect yourself and protect others from you in this connected world? Here are five things you can do to improve your cyber security.
Change Default Settings
Number one is to change the default password. Every operating system, app server, device or library comes with a set of defaults that are designed to help you secure it. The original vendors created a default account and then published it so that you could easily get set up and started with the product. However, these default accounts were never intended to go into production. You really need to change these settings.
Do Your Updates
Cyber security is an ongoing battle. As new vulnerabilities are found that make current software out of date it is important to update that software. Many of the IoT device manufactures have firmware updates available. But often this is not well advertized meaning you have to keep checking to see if new updates are available.
Close Unused Ports
Next up on the security stack is closing unused ports. Every device has a large number of inputs that can be used for unique communications. Whether it’s the internet, email or chat, they all run over different ports. Thankfully, software, cloud and modem vendors help us with this task with built-in firewalls and security profiles. That said, for those of us making new devices to power the IoT, there is no one providing this protection. You can ask your IT professional to run a port scan and see what ports are open.
Encrypt Your Communication
For years we've been encrypting information to protect it from snooping third parties. These encryption methods have now become the backbone of trust on the Internet At least make sure you are using SSL. Look for the https in web addresses.
Security begins with you! There are some additional applications you can use like Geotrust, Digicert or Letsencrypt. You should always spend the effort and money to give yourself and all of your users confidence that their data cannot be spied on.
Don’t Store Information in Plain Text
When you store data, you should always choose to encrypt it in some way so that another user, application or hacker cannot understand it. Simply having the data in a format that isn’t immediately understandable goes a long way towards keeping your application from being a “hack-able” target.
And remember always back it up!
Go back to the top
|