IoT Security: Let’s Not Forget The ‘Thing’
On the internet, the security industry protects us from harm by promoting and enabling safe practices. These “built-in” security practices include mutual authentication, encryption, secure protocols and trust. But what about in the real world? The internet of things (IoT) has, for the most part, not been created with similar built-in security architectures. This is because people owned many of the things long before they were connected and/or intelligent. It was only in 2014 that Symantec crystallized this terminology in the IoT space by defining the difference between built-in and bolt-on security components.
With built-in components, security is an integral part of the devices, whereas bolt-on components add these security features post hoc. Since the IoT affects the physical world through a device’s human interface, an attack on an internet-connected IoT device with less stable bolt-on security is not only easier but more dangerous. Read more…