IoT or the Internet of Things refers to all the things we have become accustomed to using in our normal life and business which are connected electronically, such as smart TVs, driverless vehicles and the means by which they are connected.
We don’t normally think about these things as they come into out lives, just accepting that cars can park automatically without drivers, or that we can spend time with distant loved ones without being in the same room with them.
IoT has made these things possible and through technology can connect a seemingly unlimited number of inanimate objects to devices, making them internet or cloud based and able to function completely differently to how they were originally designed.
They are able to be controlled and monitored by a person or device using remote control. An example of this is Amazon’s Alexa or Google Home.
Benefits of IoT
The benefits of this are enormous in that they make everyday life and business operate more smoothly and save time. In fact the growth of these devices is phenomenal.
According to the Forbes, estimates are that the IoT market around the world will increase from $157 billion in 2016 to $457 billion by the year 2020.
Security of Iot devices
But, although the increase of IoT is extraordinary, less consideration is going into securing the information contained in the devices. As with everything, when a new product or technology comes along someone works out how to do it more cheaply, and this is often when quality or, in this case, security is compromised.
Most non geeks don’t understand what this can mean for their privacy or security. The things people need to know about these devices and how they can be tampered with are:
- The device itself can be manipulated as SSL certificates are vulnerable and can be attacked.
- If traffic to the cloud is not encrypted, it is also vulnerable.
- The cloud itself may have problems if the cloud provider is not strict enough with their security.
Of course in business the bottom line is extremely important but sometimes Internet of things privacy has been compromised to provide a product with a desirable price.
Security At A Smaller Price
However, the combination of the products of 3 well known and respected companies have joined forces to create a well priced solution for the security issue.
- Amazon’s platform AWS is the only cloud provider which has two way Transport Layer Security (the successor to SSL) for any device.
- Microchip has a crypto chip which stores SSL certificates securely and is claimed to be impossible to break into. This product is very inexpensive to buy at only $1.
- Espressif Systems has a chip which is a wifi enabled multicontroller and is under $2 to buy.
So now you have all the components to make sure your device is protected but how do you put them all together? For example, Cesanta company produces the Mongoose web server. Its Mongoose OS puts all three of the above services together and in such a way that it’s very simple to just plug it in to your product and it is instantly usable with IoT technology.
We can expect a lot more use of IoT products in the future, but it is possible to ensure security at a reasonable price.
Bottom Line
The general public and the media has a really vague understanding of what goes into IoT security and usually uses words like ‘device’ and ‘cloud.’ Start speaking about SSL/TLS, crypto chips, 2 ways MQTT SSL authorization and you will completely lose their attention.
The key reason IoT Security is being compromised is as simple as this: vendors are price cautious and time sensitive, wanting to launch their connected products to the markets at the lowest cost possible, all too often overlooking the basic security precautions.
I am interested in all things technology, especially automation, robotics and tech that helps change how society will live in the future.