Back to Blog

Internet of Things (IoT) and Security - Securing IoT devices and data

classllc cybersecurity data privacy elizabethpeters iot Nov 17, 2021
collection of devices on a wooden table. an apple laptop and ipad sit in an organized manner on the table, while the other devices are laid piled upon one another above the laptop

 By: Elizabeth Peters

You have heard the term Internet of things (IoT) before, but what does it mean for you and your security? The Massachusetts Institute of Technology (MIT) Auto Labs was the first to implement the idea of the Internet of Things (IoT) in the early 1990s. Additionally, the first application was the trojan area coffee pot which was developed in 1999. Organizations working on IoT have had different kinds of definitions proposed over the years.  IoT refers to connected objects and devices over the Internet and is used for various purposes, such as communication, transportation, education, and business development. Due to advancements in technology, IoT devices have been deemed a “global structure for data society”, enabling progressive services and facilitating physical and virtual connection. IoT introduced the concept of hyperconnectivity, which means organizations and individuals possess access to effortlessly communicate with each other from remote locations. The technological advances of the new era have led to the interconnection of devices, applications, people and data, giving way to the current generation of IoT.

Today, IoT devices account for more than 30% of network-connected enterprise endpoints. Several IoT devices lack the security standards that non-IoT devices have. This means that billions of smart devices could be used as part of a botnet attack or point of entry into a secured network. It is high time for CISOs and security C-Suite to move past legacy solutions and consider a complete IoT lifecycle approach. This would create an IoT security posture that reliably enables IoT and protects the network from existing and unknown threats. The potential to exploit an IoT device makes the search to find suitable IoT security measures extremely important. Privacy and security are still among the significant challenges of IoT. Improper device updates, lack of efficient and robust security protocols, user unawareness, and famous active device monitoring are among the challenges faced. The security protocols and critical management sessions between different layers of IoT systems support, ensure the integration of privacy toward the users’ data is integrated.

As IoT becomes adopted more regularly, it has shifted to become a business enabler introducing new security challenges for network and security teams alike. Conventional network perimeter defenses and legacy processes are simply not as equipped to address the surge of new IoT security issues. IoT devices are often equipped with heterogeneous communication and computation capabilities for seamless operations. The data collected is so voluminous and variable that it must be stored in Big Data architectures. IoT evolution has provided the opportunity to have better access, quality and analysis of data, but simultaneously introduces challenges. Furthermore, mitigating security risks associated with relationships between IoT and Big Data introduces assurance from the information collected and accounts for securing of users’ sensitive data.

Upon reviewing recent developments, from a more technical perspective, machine learning for IoT security found that methods with the highest threat detection accuracy used the random forest and K-nearest neighbor algorithms. The most efficient methods used software-defined networks (SDN) and a fog layer of networks. On the one hand, the various types of communication technologies and mobility features in IoT enable fruitful and attractive applications, while facilitating malware propagation. These raise new challenges in handling IoT-empowered malware for cyber security. Comparatively, malware propagation control schemes in traditional wireless networks where nodes can be directly impaired and secured in IoT, leading to compromised end devices that can be difficult to patch. Blocking malware via patching intermediate nodes can effectively prevent the proliferation of malware propagation by securing infrastructure links. Therefore, a novel traffic-aware patching scheme must be applied to IoT systems with limited patching resources, including a response to time constraints.  

In conclusion, IoT represents the future of technology where objects can communicate with each other and connect to the internet while creating self-configurated intelligent systems. Besides the evolution of IoT and its benefits, there is still great doubt about security and privacy which are considered major challenges facing IoT architecture development. Security and privacy issues are the most critical challenges found in each IoT layer and they are not being fully addressed, currently. Protecting IoT requires an appropriate security framework covering all layer-security issues. Privacy must be managed within the device, as well as storage, communication while processing. Privacy and protection of sensitive data in IoT has been identified as one of the crucial issues that need to be addressed to prevent targeting when unauthorized access happens in hardware or software. Authentication and identification are fundamental for IoT data privacy, which is also an important security issue. Security and privacy challenges can affect the growth of usage of IoT. There is a need for developing holistic security and privacy frameworks to consider the challenges in the IoT environment and relevant influencing factors. Security solutions should also consider the limitations of IoT devices resources.

Don't miss a beat!

Get regular content and event updates delivered to your inbox. 

We hate SPAM. We will never sell your information, for any reason.