News, Events & Insights

Business News, Career Resources, IT, People

Internet of Things

February 15, 2023

The Double-Edged Sword of IoT

By Andrea Mantilla

You’ve likely heard people talking about the Internet of Things (IoT) and are familiar with IoT devices such as Fitbit, Nest, Hue Lightbulb, and Amazon Echo. However, there are many misconceptions about what it really is. To fully understand this technology, we must take a technical approach to describe IoT and its related technologies.

What is IoT?

The Internet of Things (IoT) is a network infrastructure that enables connection and communication between physical devices. Any object given digital intelligence embedded with sensors and connectivity is considered IoT, from smart-security devices that detect unwanted movement to smart thermostats that adjust the temperature in your home. Even smart-medical devices are used to monitor vital signs. Recent setbacks, such as the pandemic and chip shortage, have not diminished the usefulness of IoT devices.  IoT devices can be both a help and a hindrance in IT environments: they make it possible to seamlessly integrate multiple IT environments, but once deployed, it is challenging to close the security gap created by them. 

Advantages 

The IoT devices’ flexibility, easy integration, and effectiveness with other systems are why they have been commonly sought after. The value of IoT devices comes from their capability to provide their service immediately and seamlessly – hence the coined term ‘plug and play.’ IoT is about connecting everyday devices to the internet to communicate and share data, making our lives easier and more efficient.

For example, smart speakers, like Amazon Alexa devices, have been one of the most widely used IoT devices. They eliminate the need to do simple tasks such as adjusting light features, playing music, and locking and unlocking entries. Most of all, they are commonly used to control other IoT devices.

Disadvantages

IoT challenges include: 

  • Weak security due to low-cost.
  • Scalability is hard to manage due to the increased number of devices joining the IoT network.
  • Massive amounts of data are collected and transferred, requiring minimal user involvement, control, or knowledge.
  • Requirements of software and application compliance do not exist.
  • Flexibility to integrate quickly and effectively with other systems.

The integrity and safety of the IoT are not a top concern for sellers or manufacturers due to the lack of profit gained from developing and testing secure IoT firmware. Sellers prioritize creating an IoT that is fast to manufacture, low cost to build, and easy to use over providing security for their devices. As a result, many IoT devices have been built with easily hackable code or faulty OTA (over-the-air) updating features.

In terms of security and privacy, the current market of IoT consists of heterogeneous devices and networks that are not natively designed for security. Whereas most modern operating systems (OS) feature security-by-design, many IoT devices don’t even have it built in and lack built-in security controls that help deter common cyber threats. The lack of security combined with the proliferation of IoT exposes enterprises to massive risks for loss of revenue, intellectual property (IP) theft, and compromised brand reputation.

Cybersecurity Hygiene

In an increasingly digital world, we need to be able to trust the safeguards protecting our information and personal data. Many security methods have been proven to be ineffective against IoT devices, which can leave us vulnerable to a potential breach.

To be successful in securing IoT platforms and businesses, there needs to be greater collaboration with other industries and authorities. Although the need for security is obvious, the industry is still struggling with this dilemma. It is important that there are independent efforts to reduce risks in each area of IoT before more concrete standards can be developed for the larger industry.

  • Like other computer systems, the IoT requires continual support and expansion to keep it operating at peak efficiency. Understanding current developments in IoT can help or even influence the perspective and direction of IoT. Some businesses are re-examining their approach to digital transformation and IoT. One of the most significant trends around Intelligent Edge is that Fortune 500 companies are taking advantage of the Internet of Things and Artificial Intelligence to produce better products and services – a small fraction of these companies have fully adopted AI as part of their IoT projects.
  • Manufacturers and service providers need to ensure that each IoT device they put out is secure by default. The need to keep manufacturers and retailers accountable for the security of these devices is paramount. Many countries have responded by banning weak default passwords, but that’s the beginning of keeping our networks secure.
  • Users may simply lack the knowledge or skills to implement adequate security measures since some IoT devices lack basic security features when sold to consumers – some are released with default/ preconfigured login information and no granular security measures. To minimize this security gap, manufacturers should also provide consumers with guidance on how to secure their devices after purchase. 

Conclusion

As the IoT becomes more widely adopted, security incidents will continue to occur. New connected devices are being discovered every day, and with each device comes a vulnerability that cybercriminals can exploit. With this lack of accountability from both manufacturers and users, IoT devices are connected without considering the security risks. These vulnerabilities do not just disappear – they only increase over time.  

Back to News & Events