How safe is the Internet of Things (IoT)?
It’s a question that’s difficult to answer now, but one that will hopefully be easier in the near future. To be sure, IoT could very well be the next great revolution in technology. In much the same way that the internet changed everyday life for billions of people around the world, IoT could have a similar impact.
There is, however, a major problem that many tech experts have expressed concerns about: IoT security. As millions and even billions of devices connect to the Internet of Things, and as more people use these devices in various aspects of their lives, testing the security of IoT becomes a priority. Without that assurance, we could be putting vital data at risk.
There’s little doubt regarding the transformative nature of IoT. So far, we’ve only caught glimpses of it. But as web-connected sensors are embedded within everyday objects and devices specifically tailored to IoT are released, IoT will become an integral part of our lives.
This also means the tech world is treading on new ground. Think of the internet as it already is and the multiple dangers and risks we face when we complete any transaction online.
The news related to large data breaches at major companies are all the evidence needed to see what can be lost. Now imagine those same type of dangers, only in a completely new field where people and businesses have little experience. From that perspective, it’s easy to see how security can be such a big concern.
Luckily, a number of organizations are coming to the forefront to ensure new IoT devices are properly tested before making their way to the general public.
ICSA Labs is one such organization that recently announced a new program designed to test security features found on IoT sensors and devices. This is certainly no easy task considering the number of such devices being created, but ICSA Labs has already outlined six security components that they will be focusing on.
Those components include the physical security of the devices, the authentication process, cryptography, communications, and more. Based off of their findings, ICSA Labs will give the device or sensor a pass/fail grade. Testing won’t be completed with just one stroke either. The IT group is looking to test devices every so often as new threats emerge and new patches and upgrades are introduced.
The news from ICSA Labs is reassuring, in part because the organization is experienced in certifying the security of IT products, going as far back as the late 80s. In other words, they know what they’re doing and are usually on top of the latest security risks faced in the tech world. But they’re not alone in working to ensure IoT device security is ready for the threats they’re likely to encounter.
The Industrial Internet Consortium and the Open Web Application Security Project (OWASP) are among many that are studying each IoT devices to detect vulnerabilities. OWASP, for example, has an extensive list of guidelines the organization wants other testers to look out for, like any privacy concerns, insecure web interfaces, and insufficient security configurability. Part of the goal of these institutions is to establish a set of standards that all organizations -- from cloud providers to converged storage -- can use to test IoT devices.
All of these new efforts are especially important as businesses are quickly hopping on board IoT bandwagon. New IoT devices are being pumped out at a rapid pace and companies seek to take advantage of the growing trend. That often means security is an afterthought, kept as a low priority in the interest of flooding the market with new gadgets with innovative capabilities. Since some enterprises think they can add security features later, it’s vital to tackle the security issues as early as possible.
There’s no stopping the Internet of Things from fully blossoming into a new technological boom. Businesses will try to stake their own share of the market. IoT security has to a priority, so testing how ready new IoT devices are in terms of security remains a crucial issue. With better standards and more detailed tests, IoT devices will be prepared to handle the security challenges we face today.