itb-nz logo
Story image

IoT: The nexus for change

The internet of things (IoT) has been a captivating topic for audiences around the globe as the ways we stay connected has evolved in countless ways – and continues to evolve. Devices, such as home routers and wireless IP cameras, are no longer restricted to interactions in silos but instead across a multitude of networks. 

While IoT is an avenue into a connected future, it is also the ideal target for cyber-attacks and data breaches. And though hackers are not directly targeting device owners under IoT, hackers can use a connected device as a launch pad for attacks against an alternate target.

Who can forget the Mirai attacks in 2016 which used IoT devices to attack internet infrastructure? The attack involved an estimated 100,000 malicious endpoints and resulted in downtime for numerous users – with some of them reportedly losing upwards of $300,000 to the botnet. While the worst of the Mirai attacks might be over, IoT security continues to be a pressing concern. 

Just two months ago, experts reported the Mirai source code continues to spawn botnet with the unchangeable code proving to be a robust foundation for future malware. Listed below are the major concerns currently present in IoT and ways in which these challenges can be overcome.

Inconsistency in Technical Advancements

IoT issues stem from the vulnerability of the collective technology as opposed to the individual. In the long run, enterprises must develop end-to-end solutions, as hackers can use a single point method to penetrate an entire technology bundle. There is also the possibility for cross-overs of data, where an individual's personal data could be utilised to inform service providers that they aren't subscribed to. 

As a best practice, securing endpoints means implementing a layered mechanism that requires attackers to circumvent various hurdles created to protect the device, and its data, from unsanctioned entry and use.

It is imperative to integrate security into foundational processes. The best way to secure an IoT device, application or a network is to build security into the base. For example, when developers write code, you can write secure libraries for what they are using. This means security measures are baked into the device, which is far more effective than network firewall tools or assessment tools. 

Standardisation for Better Integration

Currently, IoT needs standardisation when it comes to how the different parts of the larger ecosystem should interact with each other. Large players use their internally developed solutions while smaller players utilise recondite standards which might not be universally applicable. 

To overcome this, governing bodies need to establish certifications which award minimum safety standards for component security, this must be the bedrock upon which platforms should be developed.

The Presence of Legacy Infrastructure

The more organisations look to increase the use of data generated by IoT, the greater the threat they will face in transferring and storing these vast volumes of data securely. Organisations need to find and actualise a system that is proficient in not just assembling the data but also extracting, inferring and then removing or archiving it at speed and scale. 

One way to solve the vast volume of data problems is a gradual approach. This means the first analytics stage takes place locally on the router, and if an anomaly is found, the relevant data is sent to the cloud for a thorough analysis.

IoT security should be treated as the foundation upon which enterprises should base themselves upon. However, beyond filling Protection Gaps, companies should also fill Availability Gaps.  

Only by doing so will enterprises be able to provide services without disruption and eliminate unplanned downtime – saving an average of $21.8 million per year. 

In the long run, IoT will become the first level informer that will propel the intelligence over what should happen within the environment, rather than being reliant on people. This will take a paradigm shift in outlook and confidence in leading-edge technology.

Article by Raymond Goh, Head of Systems Engineering, Asia & Japan at Veeam Software 

Story image
Going back to work: Why we need to rethink enterprise ID cards
Australia and New Zealand are opening up again, and office workers are going back to their desks. Meanwhile, many companies still rely on outdated legacy card issuance systems, which offer little functionality or security assurances, and printing processes can be cumbersome.More
Story image
Unilever chooses Alibaba Cloud solutions to bring marketing game to new heights
“Alibaba Cloud’s solutions have the ability to unlock the customer insights needed, and are set to ensure Unilever continues to succeed and build brand loyalty with its customers amid a constantly evolving and complex marketplace.”More
Story image
Vodafone NZ moves forward on digital reinvention with appointment of strategy officer
Mooney will be tasked with helping to guide the business through its ongoing reinvention towards becoming a more digitally focused business.More
Download image
Strengthen the weakest link in your security chain
Globalisation. Remote working. High-turnover workforces. These factors and more add up to make increasingly dynamic workforces - and without proper management, your business could fall behind.More
Story image
Closing the cloud skills gap: How certification can maximise cloud investments & keep staff happy
You probably wouldn’t buy an expensive computer program if you didn’t know how to use it. Yet so many organisations invest in costly cloud programs, without having the necessary skills and training on board to make the most of the program.More
Download image
NFV touted as go-to method of simplifying corporate networks
Enterprises outline their considerations in this study, built on evidence from those directly involved with building a strong networking infrastructure.More