The Internet of “Insecure” Things

October 11, 2019 | ABI writes Sean Johnson, VP of Operations, ACS,

Everything is “smart” nowadays. Fridges, watches, sensors, handheld scanners and manufacturing equipment are almost all connected to the internet and are therefore considered part of the internet of things (IoT) or IoT devices. IoT has given rise to “Smart Manufacturing” and “Industry 4.0,” but before we get to enlightened operations, we must first secure these IoT devices to ensure our businesses remain resistant to cyber threats.

The best way to secure IoT devices is to treat them as you would any other part of your technology environment. At their core, they are just another device to be managed, patched, updated and secured. Following a layered security strategy ensures that critical data and operations are shielded behind many defense mechanisms. A layered security approach should include the following tiers:

  • Human Layer

  • IoT Layer

  • Data Center Layer

  • Core Layer

  • Access Layer

  • Edge Layer

Utilizing a layered security approach ensures that your customer information, financial information and intellectual property are more difficult for both external and internal threats to access, steal and hold hostage.

An example of compromised IoT was the 2016 Distributed Denial of Service (DDoS) attack that used smart baby monitors, thermostats and other “smart devices” to crash many popular websites, overloading those sites with millions of requests at the same time.

The DDoS attack can easily be replicated at a business by bogging down the network so employees cannot effectively access the internet, files or process digital operations. It could also affect manufacturers by accessing the Programmable Logic Controllers (PLCs) in floor equipment and adjusting proprietary recipes or product dimensions just enough to cause a manufacturer’s defect that would be undetectable until its already been sold to a consumer.

With proper identification and management, IoT devices provide many opportunities to increase revenue, increase efficiencies and reduce costs.