How to protect IoT devices (and data)

Security
Practical problems
Solutions

We have already seen how to exploit the data generated by IoT devices to make them more effective. But after all efforts to collect and analyse them it is essential that this information is safeguarded from possible intrusions and theft.

The theme of security is becoming increasingly important when we talk about Internet of Things, because the quantity of connected devices is growing and it will increase in the next years, especially when the new 5G technology will be fully implemented.

To avoid as much trouble as possible it’s necessary to take into great consideration some strategies to make safe the connected objects.

The problem of security

It is inevitable that the great expansion of IoT devices interests those who are able to sneak in order to control and/or steal data. If we think about the recent discovery of the vulnerability of WPA2 Wi-Fi protocol (the problem is called “KRACK”, that means “Key Reinstallation Attacks”), it is not possible to stay completely safe.

Often, however, the risk is underestimated and this is one of the reasons that determine the success of some attacks. If companies start to understand that security must be an essential parameter to keep in consideration, it is not the same in other areas.

➡️ It is evident that manufacturing companies of IoT devices should increase the costs of their items if they would install on each a security software, but it is clear that the problem is rising strongly and in the next years it will be necessary to find appropriate solutions.

Companies and daily life

As we said before companies start to best protect IIoT devices (Industrial Internet of Things) and data produced, through platforms which guarantee a high level of security.

Any stolen data or intrusions within the devices that control a production line in fact could be deleterious for a company, causing important losses in terms of time and profit.

➡️ However there is still much to do; computer security e IT departments need to be updated considering these new technologies.

For everyday life, the problem is different. The perception of risk perhaps is not so clear.

With the constant development of home automation, we can “talk” with our appliances, that provide us useful information and that can be controlled by smartphone.

➡️ It may not be very important if the home IoT fridge is “hacked” (and maybe it would not be interesting to do it to those who attack), but let’s try to think what would happens if someone could take control of our surveillance cameras, maybe installed inside.

➡️ Or even worse if someone could interfere with the operation of any devices that control and deliver essential services for everyday life, as electricity, gas, hospital equipment, or related to public safety (video surveillance, traffic), but also those installed in airports. The services may be interrupted or tampered with serious consequences.

➡️ But let’s think about new generation connected cars, what if someone could control them remotely?

Some solutions

In order to ensure the best safety of IoT devices it is necessary to take some precautions, starting from the producers up to the final user.

⭕️ Producers should implement device protection, not only focusing on cost and design, installing reliable software and anyway releasing security updates based on the new threats.

⭕️ Similarly, users should consider reliable products that can provide regular security updates at least for the duration of their life.

⭕️ The devices should always be updated, with new firmware that respond to new risks in the network. It is also true however that often this operation is not easy for everyone.

⭕️ It is necessary to keep the router up-to-date and the Wi-Fi network always monitored, as mentioned with new firmware and with secure passwords in order to avoid intrusion as much as possible. Although it may be too much expensive it would be important to replace any outdated access devices.