How To Increase Security Of Things Internet Devices
- Sep 04, 2019
- 166 views
Cisco study points out that, by 2022, there will be 12 billion mobile and IOT connections in the world. This may also mean an opportunity for cybercriminals to invade diverse systems in a variety of segments, from industry to homes, if a highly efficient protection barrier is not placed in this ecosystem.
According to Eduardo Lopes Freire, director of Nodes Technology, a provider of digital security solutions, the contribution of international standards-regulating bodies, notably the European Telecommunications Standards Institute (ETSI) TS 103 645, industry can offer more security and confidence to consumers of smart devices. However, manufacturers and users should do their part.
"Certainly the standards help design efficient and secure IoT projects, and they have a way to be followed by device manufacturers and project managers, for example, Wi-Fi routers that allow many devices to connect to the Internet, are the first entry ports for malicious code.A recent study by Avira has found that one in four routers is vulnerable and each of them may have more than 6 ports open for possible attacks.From the established standards, manufacturers will have to deliver to consumers better products, while users may demand better and more reliable products, "says the executive.
Andrei Petrus, director of IoT at Avira, reinforces this analysis of his Brazilian colleague and points out the anxiety of manufacturers to put new products on the market as another concern. "The need to offer users new, innovative and competitive products makes the IoT device industry ignore the most basic security principles. Without proper application, however, it is still necessary to see to what extent manufacturers will voluntarily adhere to the standards, "he says.
Code of Good Practices for Consumer Safety of IoT
As the industry debates standards, the Department of Digital Culture, Media and Sport (DCMS) in the UK has released a Code of Practice with a list of guidelines for users. In it, it is possible to have access to 13 orientations:
1 - Do not use a standard password
2 - Implement a vulnerability disclosure policy
3 - Always keep systems and applications up to date
4 - Securely store credentials and security - sensitive data
5 - Communicate with security
6 - Minimize exposed attack surfaces
7 - Ensuring the integrity of the software
8 - Ensuring that personal data is protected
9 - Making systems resilient to interruptions
10 - Monitoring system telemetry data
11 - Making it easier for consumers to delete their personal data
12 - Facilitate installation and maintenance of devices
13 - Validate the input data
In Freire's assessment, industry standards and guidelines greatly help coexist with intelligent devices. However, they can not just stay on paper. "We can have a gentlemen's agreement, but it takes a lot more than that to be done to ensure security in IoT. Both industry and consumers should keep in mind that cybercriminals are always one step ahead of us. Therefore, all the attention and practical action in combating the attacks can be very little. Waiting to be attacked is the worst scenario in a world highly dangerous for business and personal data, "he said.