The Internet of Things is the cornerstone of many future innovations both in mobile and wireless technologies. However, the connected universe brings with it heavy luggage in companies.
When considering a foray into the Internet of Things, you face a multitude of challenges related to security and respect for the private life. For starters, it is nevertheless useful to define what your business means Internet of Things.
Set the Internet of Things for the company
Despite all the talk about the Internet of Things, is still confusion as to what that it specifically covers.
“The first major problem facing many companies is to have their own definition of what they mean by the Internet of Things,” said Earl Perkins, an analyst at Gartner. “Only then they can define how they want to approach it from the standpoint of cybersecurity.”
When planning your deployment of the Internet of Things, stop on the goals that motivate you to break into your business. The way you define the Internet of Things for your company depend largely on what you want to accomplish and tools you need to achieve it.
However, there are similarities in terms of the moving parts of the system. Brian Partridge 451 Research estimates that it generally takes a device, a network and a cloud service.
“Each of these layers may have security problems if they are not structured correctly from the beginning,” he warns.
Basic, the Internet of Things is made of interconnections, which implies a certain level of complexity. And according Ondrej Krehel, founder and head of cybersecurity company LIFARS, LLC, this consequently leads information security problems.
“ By nature, complexity is the enemy of security number ,” he says.
If you head to the Internet of Things, remember that each element you add to the system is multifaceted, requiring other elements to operate safely and efficiently. All these elements come together in a system designed primarily with one thing in mind: the data
Data is the lifeblood of the Internet of Things. . As such, your security implementation for the Internet of Things should focus on their protection. If investment level security devices and applications is worthwhile, the data layer remains the main value proposition.
Regarding the collection and transmission of data from the Internet of Things, Brian Partridge explains that IT security professionals are facing three major challenges:
1. Privacy problem : protect data from people who do not have access to it
2.. Integrity problem : ensure that the data generated is transmitted over a network without being modified, or usurped detected along the way (that is, ensure the integrity of data in transit)
3. Problem authentication :. Ensure that data you receive from a known source, they are authentic
Internet of Things is still a new concept for many professionals and will remain so for some time. Earl Perkins, employees must understand that breaks with traditional methods of collection, processing, storage and distribution of data. Because of this, many traditional forms of computer security will not be effective.
Earl Perkins added that we must be aware of the sheer volume of data that will be collected by the connected management systems and devices “ With the Internet of things today, that’s all the concept of big data extending more , “he analyzes. “ For now, you will literally flood the networks of information and data that were there that far. ”
Think under “ data ” and “ database “. They do not necessarily evoke something in perpetual motion. Most IT professionals know instead what it really is: a database is often compared to a bank. Now protect the money in a bank is different than protecting it while it travels in an armored vehicle.
The reality is that the data is in constant motion and routes on which they circulate are radically modified by the Internet of Things.
This is where the interconnection between really at stake in the security of the Internet of Things. In a deployment of connected objects, there are points where data is exchanged between different network elements. It is on these points of control that you need to concentrate, according Ondrej Krehel.
“ There are various checkpoints where you have to scrutinize this connectivity ,” says Does it. “ This is not so much to ensure that the unit is connected securely to verify that this interaction. Interaction is the key here. ”
Objects connected probably not have sufficient processing capacity to manage the security code, said Earl Perkins. When we talk about Internet of Things, said Brian Partridge, talking about chips that fit in the pocket of a golf ball.
must therefore be taken into account to find suitable way to protect these devices and the data they create and transmit. Take the example of a gateway, also called proxy server or controller (broker) to manage data security on behalf of many types of devices. These are part of the previously mentioned checkpoints by Ondrej Krehel.
The reason why it is absolutely necessary to protect them is that they will become the main targets of cybercrime in the company.
“ You can be sure that people who want to hack systems or cause problems will target network gateways, ie the network points where these different types of networks in the Internet of Things data feed or receive orders “predicts Earl Perkins.
Understanding the opportunities
Often asked to indicate whether the Internet of Things should be avoided because of the security problems that presents Brian Partridge answers “ no “. There are many options to understand the process, and they multiply.
Instead of implementing security only on hardware and software, the focus is on the security of interactions and flows. According to Ondrej Krehel, security becomes a matter of technology and services.
This is an opportunity for providers in the field of security to intervene and offer security as a service for those checkpoints and interactions, so that the company can continue to focus on data collection.
It is possible that you can not devise one full set of protocols and integrations, warns Ondrej Krehel. It becomes more acceptable to forgo design the whole process and to rely instead to a third party so that it will cover part of the security for you.
“ The companies that come for an audit, advice or create a plan of attack to mitigate the risks related to security in these new environments will pay large sums for this , “said Brian Partridge.
For Earl Perkins, the Internet of Things brings another opportunity: to understand that it is in itself a security revolution. We can begin to apply the capabilities and security technologies with connected objects.
For the consumer, the best example would be the connected home that tells you if someone came home broken or there there is a leak of carbon monoxide. In another example, a retailer could use it to find stolen goods connected with security labels.
Ultimately, the internet of objects present new technological opportunities at all levels.