top button
    Got Questions

Global IoT Summit 2018
Oct 31, 2018
The Leela Palace, Bangalore

    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration

What security advice do you have for IoT usage?

+1 vote
posted Jun 20, 2018 by anonymous

Share this question
Facebook Share Button Twitter Share Button Google+ Share Button LinkedIn Share Button Multiple Social Share Button

2 Answers

0 votes

Understanding the information in and used by an IoT device will make it easier to understand the appropriate security and use of the device.

This is obviously a new area for many enterprises, and the proper vetting and screening of these devices is also new to most people. Having clear and concise conversations with manufacturers on security and controls that are in place for the devices is critical. “Trust, but verify” is my motto. I wouldn’t take the word of a quick response regarding security as the definitive answer. If there is a potential to affect your organization, using a packet sniffer or SSL inspection appliance to vet the IoT device during testing would be wise.

It is also important to ask the question, “What happens to the data once transferred to the cloud?” Most IoT devices are managed through a cloud interface. Does the manufacturer have access to that data? Are they aggregating that data and reselling it? What guarantees do you have that your information privacy will be protected? We have all seen the recent issues with Facebook and its privacy rules being brought to light with the Cambridge Analytica controversy.

answer Jun 21, 2018 by Lakshmi L Menda
0 votes

1. Don’t connect your devices unless you need to

The first step is to consider what functionality you need from the device. Just because your TV or fridge can connect to the internet, doesn’t mean you definitely want to hook it up. Take a good look at the features it offers and learn exactly what internet connectivity brings before you connect.

2. Create a separate network

Many Wi-Fi routers support guest networking so that visitors can connect to your network without gaining access to shared files or networked devices. This kind of separation also works well for IoT devices that have questionable security.

3. Pick good passwords and a different password for every device

It’s very important to pick strong passwords, but you must also make sure that you pick a different password for every device. If a hacker manages to get one of your passwords, they will typically try it with other services and devices. Reusing passwords is not a good idea. Use a password manager to keep track of all your passwords.

4. Turn off Universal Plug and Play (UPnP)

Sadly, UPnP can make routers, printers, cameras and other devices vulnerable to attack. It’s designed to make it easier to network devices without configuration by helping them automatically discover each other. The problem is that hackers can also potentially discover them from beyond your local network because of vulnerabilities in the UPnP protocol. Is best to turn UPnP off completely.

5. Make sure you have the latest firmware

If you want to make sure you have the latest security patches and reduce the chances of a successful attack, then you need to keep your firmware fully updated. Vulnerabilities and exploits will be fixed as they emerge, so your IoT devices and your router need to be regularly updated. Automate this wherever possible or set a schedule to check for updates every three months or so.

answer Jul 10, 2018 by Manohar Parakh