Securing the ‘Internet of Things’

Security_Lock_Hero_Homepage_SmallIt doesn’t take reading too many articles about light bulbs being hacked or strangers calling in through a baby monitor for me to decide that I’ll just hold off from bringing in any more connected devices into our home.  It’s enough work keeping up to date on firewalls and passwords for the growing pile of personal computers, work computers, smart phones, and tablets we’ve collected.

For me, having to get up off the sofa and physically flip light switches is not a leading problem in my life. The promise of energy savings is interesting, but not compelling enough to go through the hassle of installation and set-up, let alone understanding and managing the security.

The scariest part of the “Internet of Things” is that it’s not just data being accessed — it’s the actuators that cause the “things” to move.  Threats can now move from the digital to the physical.  In her excellent article on enterprise threats, Ericka Chickowski quotes Jeff Williams, CEO of Aspect Security, on how attackers can find new ways to cause harm, for example  ”… causing fires, overloading networks, turning off refrigeration, opening locks, blocking communications, starting alarms, suppressing alarms, cutting power, releasing chemicals, stopping cars, hiding the remote. The jump to an Internet of Things is huge, and so is the leap in security thinking that will be needed to make it safe.”

Manufacturers have much to gain from adopting Internet of Things technologies, but only if their mainstream customers trust that the products, and the network around those products, will be safe.  Therefore, security should be considered a critical element for product development in the Internet of Things space.

Connected devices, such as my ongoing coffeemaker example, deserve at least the same level of endpoint security as a computer.  Our security experts at Dell tell me that according to the Georgia Institute of Technology, around 100,000 new pieces of malware are found by researchers every day. That’s more than one new malware sample every second. On top of that, in 2013 manufacturing was the second-most targeted industry by cyber-attackers. More frequently, manufacturers are asked by their customers to demonstrate the security of their supply chain.

Cyber-attackers are more sophisticated and more determined than ever to steal your intellectual property, money or sensitive data. Because their tactics are always evolving, there is no single fail-proof security solution. Dell has multiple ways to solve the problem.

Thoroughly testing your Internet of Things environment to identify security gaps is the first line of defense. Corrective actions might include installing a firewall to stop threats at the network perimeter by executing and inspecting suspicious traffic before it can enter your network.

For advanced threats that might evade perimeter defenses, Dell is staffed with expert researchers and security analysts. They have access to petabytes of data about threat actors and their tradecraft. This information helps them predict threats, proactively fortify network defenses, continuously detect and stop cyber-attacks with countermeasures and enable you to recover faster from a security breach. Finally, Dell can help demonstrate to your customers that you operate a secure environment.

This all assumes that manufacturers will be working alone to protect their products and networks.  There are already connected home networking players such as AT&T Digital Life which our coffeemaker manufacturer could theoretically plug into, and I expect other players will emerge for industrial applications of the Internet of Things.  It will remain vital for manufacturers to vet and develop confidence in these partners so that the security practices will be strong – and convince mainstream consumers like me that these new connected devices will not introduce more hassles into daily life.

Also in ‘Internet of Things’

Most manufacturers have been standing on the sidelines when it comes to the Internet of Things. Here are some reasons why they should get in the game.

  1. 1The ‘Internet of Things’ changes manufacturing
  2. 2How the ‘Internet of Things’ will change design
  3. 3Becoming customer-centric via ‘Internet of Things’
  4. 4Securing the ‘Internet of Things’
  5. 5How the ‘Internet of Things’ impacts the factory
  6. 6Future ‘Internet of Things’ — from device to sky

View the entire series.

Kirsten Billhardt

Kirsten Billhardt

Dell Contributor at Tech Page One
Kirsten Billhardt is the lead strategist for the manufacturing industry at Dell. She came to Dell from the automotive industry where she rotated through engineering, corporate strategy and product planning roles. Kirsten earned her BSIE from Kettering University, an MSE from Purdue and an MBA from Harvard.
Kirsten Billhardt
Tags: IT Security,Technology