Loading...
Loading

What Security Challenges Do SMEs Face With The Rise Of The Internet Of Things?

2015-06-12by Amy Fry

You’ve probably heard the term “Internet of Things”. From controlling thermostats with our smartphones to factories maximising their efficiency, the Internet of Things (IoT) is spreading at speed.

It’s hard to argue against the positives of this advance. Users get a better, remote-controlled service (whether that’s for their alarm system, fridge or car). Meanwhile companies can learn more than ever about their customers and how products are used. The IoT gives us a wealth of data with ease – and this can be simultaneously a good and bad thing.

When considering making use of IoT tech for business add new security considerations to the ones you should already have in place. While there’s a lot to be gained from all this new tech, a single breach caused by a simple oversight can make it all futile. With more interconnectivity and data collection comes an increased responsibility to keep customers safe.

This report from HP should act as a wake-up call to anyone considering jumping into using IoT devices. It lists the security issues and flaws around these bits of tech and doesn’t make for reassuring reading. Along with vulnerable interfaces, weak passwords and unencrypted network services, it shows that these devices are a prime target for hackers and criminals.

A famous example of just how bad things can get was the Insecam website, which streamed video from the webcams of unsuspecting owners. From this site you could peer straight into the homes of ordinary people and businesses. Frightening stuff, especially when you consider the additional issues that come with it. How much easier is it for a burglar to plan a robbery when he can look around a building from the comfort of his own home?

So what hacking techniques did Insecam use to gain this access? Well, not particularly sophisticated ones – a fairly simple web crawler did most of the work. These webcams were vulnerable because the owners hadn’t changed the settings after purchase. In other words, they essentially didn’t have even the most basic password protection.

This is a lesson for businesses who want to incorporate IoT devices. They can buy the most secure products on the market but it won’t make a difference if they aren’t setup properly. This highlights the importance of creating clear guidelines before even beginning to use this tech. If employees have access to it clear instruction should be provided.

By its very nature the IoT is confusing when it comes to security. As more devices connect, access increases. To maintain adequate security we must predict how different devices will share data and interact with each other.

Just as data collected is valuable to businesses it is valuable to hackers, so they will always be looking for weak points. When even passports were easily compromised you know that flaws are often missed. There’s another issue to consider as well: what are you doing with all the data you’re collecting?

As IoT devices advance they will collect more and more data. The data needs to be put somewhere and that will often be on the device itself, in ‘the cloud’ or on physical memory storage if available.

Each of these options carry their own security flaws. Any data being transmitted should be security encrypted to ensure any data leak is useless. The device and physical storage can of course be tampered with first person, while cloud storage has its own issues.

The IoT offers tremendous benefits, but comes with some important responsibility for data handlers and owners. The only way to keep data safe is to stick to strong security guidelines, keep them updated and regularly check they’re being adhered to.

news Buffer
Author

Leave a Comment