We lead our domestic and working lives surrounded by an Internet of Things (IoT), a network of physical objects, devices, vehicles, buildings and other items which are embedded with electronics, software, sensors, and network connectivity which enables these objects to collect and exchange data. This seamless linkage between all our favourite gadgets and gizmos makes for an easier, cohesive operation, but at what cost to our security?
The recent hack of a connected tea kettle demonstrates the security risks which accompany the explosion of the IoT. Whether it’s stored in a data centre or in the cloud, unless traffic is totally encrypted with, for example, separate keys from each AP junction, a simple smart device could provide easy access to a range of network resources to anyone with the right antenna.
Even IoT devices which are constructed with the upmost security will need constant appraisal to keep pace, let alone one step ahead of the hackers. These crack-safe systems need to originate from trusted sources appointed by IT industry leaders – this is not a project for square-eyed enthusiasts.
The truth is, there is no must-have security for any of our IoT devices and each is an unknown quantity in terms of data safety whether it’s part of a physical perimeter or reporting to the cloud. Even the humble fitness app will be doing its best to submit its data to some higher, mightier force, not just the user.
The obvious answer to the all-pervading question of security is to scan staff IoT devices as they enter the office or factory on a daily basis. A draconian solution, perhaps, but without an industry- recognised regime to dictate what data these devices retain, disregard or submit elsewhere, who’s to say an individual or company’s cloud resources won’t get weighed down with a welter of unwelcome digital detritus?
With the smart consumer and entertainment electronics market continuing its stratospheric rise, so the risk of a catastrophic security breach increases. Until we come to fully understand what is actually in these devices, we must be vigilant in terms of local security and cloud resources.