Episode 5: The “S” missing from IoT is for Security – Very Important!!
2019-09-13 | By Maker.io Staff
DigiKey and Adafruit have teamed up to present answers to the idiosyncrasies of properly connecting things to the internet or IoT – (AKA Internet of Things)
When you see that the “S” is missing from IoT, that is because there is a large amount security missing from modern day internet connected devices.
There are a tremendous number of connected devices on the internet that are not secure from hackers! According to Auth0.com, it has been found that 85% of IoT product developers felt rushed to get a product to market prior to fully securing their products. It is often seen that marketing will push to get a product out to the masses touting key features in absence of allowing engineers to finish the development to secure the product from hackers. The 2016 Mirai botnet attack used unsecured CCTV cameras that were connected to the Internet to launch a crippling denial of service attack. That one wasn’t even using the cameras to spy on people, it was just using the TCP/IP stack of the embedded linux device to send lots of junk traffic.
Security should be a high priority when it comes to engineering and marketing teams promoting new products connecting to the internet. As you can see by the European GDPR regulations, security and privacy are being legislated. Knowing that security is set as a high priority for connected devices can make everyone sleep better at night. Listen up and take security seriously. Here are just some of the key items being discussed in our video that you will want to know more about:
- Require a login password
- Don’t have default login passwords
- Initiate 2 factor authentication
- Require TLS/SSL (or HTTPs)
- Authenticate Host Certificates
- Turn off any unused services
- Data Paranoia
- Over the air updates
- Individualized /Revocable Authentication keys
- Having a security contact
Have questions or comments? Continue the conversation on TechForum, DigiKey's online community and technical resource.
Visit TechForum