After we watched the last season of Black Mirror, we think it is time to talk about what and how to make IoT secure. We talked about the revolution of Internet of Things. And the way objects communicate between them. The future is here already. We have smart homes with smart objects and you can control your light at home even though you are still at work. And soon we will all forget about turning back to check if we really locked the door, because one app will tell us if the door is closed or not.
All these are great benefits for us and our environment. But is it secure? Apparently, security and the way we see it must change, in order to eliminate the risks.
This year, we experienced some major events including IoT and security breaches that transformed the things that are supposed to protect us in dangerous ways to be hacked and threatened.
All developers should put people’s security on the first place, no matter what they are building. For IoT devices, there should be three main aspects we must focus on ever since we design the device.
User must be the one who decides when to stop providing personal information and what kind of information to share with the objects. So allow access only to data that user is permitted.
Instead of using a username and a password for authentication, try use two factors: like a thing the user already knows (this can be the password) and something the user owns (a SMS to his phone or an email).
Integrity should not be questioned in anything. When it comes to IoT, make sure data is not altered and unauthorized users can interfere with it.
As a form of artificial intelligence, objects must have all the systems and data available every time the users need it.
Every second, the information collected grows bigger and bigger and the cloud system can’t process it fast enough. So we must move from protecting the cloud to also protecting the object itself, as it has its own micro processes.
The IoT networks are another concern, as it is more challenging that the traditional network security. There are new traditional and new protocols and standards to protect the end points.
The world we are living in is fascinating. This is the time it changes most rapidly and what once we saw only in the movies, is now part of our lives. But in order to keep things under control and to make everybody happy, we need to take care of users’ security and data.