Internet of Things (IoT) or Internet of Things (IoT) is the new concept that is all the rage in the technological field. But what is IoT really? It is defined as “physical objects connected to the network that improve the user experience in everyday life and business processes in companies”.
Every day there are numerous articles talking about IoT and connected devices. Without going any further, the consulting firm Gartner forecasts that 4.9 billion connected objects will be in use in 2015 and the figure will reach 25 billion by 2020.
However, a report by the consulting firm PwC shows that in 2014, 86% of the respondents expressed concern about the security loopholes around connected devices, such as wearables, for example.. When we talk about wearables, we are referring to devices such as smart watches, which are becoming increasingly important in our daily lives. The problem comes when the information (whether personal or business) jumps from wrist to wrist without any kind of filter.
The approach of creating new usage policies for these devices is already a fact. If we go to any type of company (not only technology or telecommunications), we will see that it is connecting devices between them, such as smartphones, cars, consumer electronics, industrial sensors or even clothing so that they have access to the Internet in real time. This intercommunication and also the autonomy they present between them (machine-to-machine) generate a radical change in the modus vivendi of people, in addition to the huge economic impact on new business models.
In this situation, we should ask ourselves a few questions: Who cares about security? Where does data privacy stand? Can we trust the data we receive? What would happen if hack our home or our company through IoT?
Can we trust the security of the Internet of Things?
A study of HP has evaluated 10 IoT home devices along with its cloud and mobile application components, and found that none of the systems require the use of a secure password and that 100 percent of them do not offer two-factor authentication. All these devices can identify us, define us and tag us. without our being aware of it.
Let's take an example: Imagine that an IoT device is tracking the purchase and the truck that brings it to us. The simple fact of knowing the frequency and time with which we make the purchase of certain products can easily reveal that we are on a diet or that we suffer from some kind of food intolerance. On the other hand, the dates on which we order can also reveal our religious tendency. For example, if we are Muslim and practice Ramadan or if we are Christian and buy a certain food at Easter.
As mobile devices are increasingly used to interact with other elements, thanks to IoT, it will become imperative to verify the identity of mobile device users.
In 2016 the trend will evolve from the BYOD (Bring Your Own Device) to BYOID (Bring Your Own Identity) including wearables, personal devices, clothing, etc., so users will need their own elements associated with their identity.
To limit potential breaches and protect sensitive data, company policies and user privacy in general terms should dictate which products can be brought to work, which ones fall within the scope of security, which ones are allowed and what security they require.
The security experts at Unisys also portend an increase in security analytics and forensic tools to combat cybercriminals. Such tools can detect and respond to unusual network behavior, enabling organizations to act better and recover from cyberattacks faster. With the increasing use of infrastructure services cloud, In addition, IT security professionals will have a very difficult time segregating network traffic using traditional firewalls.
The good news is that the technology industry has reacted and recognizes that there is a problem around IoT security. For example, the International Standards Organization (ISO) is working on how the ISO 27000 family of security standards should be adapted to meet IoT needs, while the ISO 27000 family of security standards should be adapted to meet IoT needs, while the ISO 27000 family of security standards should be adapted to meet IoT needs. IEEE Standards Association is working on an architecture framework to address IoT security, privacy and governance issues.
Data today are the new diamonds. All the information stored on our phone, or any connected device, is the new diamond. 10 times more valuable than our card on the black market. We should start to raise awareness and think about how we can improve the security of our data. We have to be critical and take into account what we connect, how, and where we connect it to. The new digital era is a fact and we should take control of our lives.