The security of Internet of Things (IOT) devices affects almost everyone’s privacy, safety and financial well-being, and deserves our immediate attention.
Examples of IOT devices include security cameras, baby monitors, “Mifi,” home energy, wearables, medical implants, entertainment and TV systems, manufacturing controls, home automation, environmental monitoring, kiosks and cars, as well as more traditional computing technology such as PCs, routers, switches, tablets and smart phones.
Examples of IOT hacks include tapping into people’s home cameras, installing malware that steals credit card data, tinkering with a car’s steering and brakes, and imparing the ability of medical devices to save lives.
IOT Security Best Practices
IOT security best practices incorporate traditional computer security best practices, including limiting available application services, securing the remaining application services and hardening the underlying operating system. However, they also incorporate their own considerations, including taking special care against timing attacks on low-power devices, side-channel attacks on nearby devices, and hardening cases and even circuit boards against physical access.
Sources of IOT Best Practice on Security
Security best practices for the Internet of Things are still emerging, but a list of reliable sources is provided below.
- Embedded Security for Internet of Things (Ukil, Sen and Koilakonda)
- Security Challenges of IP-Based Internet of Things (Heer, Garcia-Morchon, Hummen, Keoh, Kumar and Wehrle)
- Adventures in Automotive Networks and Control Units (Miller and Valasek)