Driving Compliance with Embedded Devices — the Internet of Things

It’s everywhere, all around us, floating tiny bits of information from one end of the planet to the other—the Internet. What once was a foreign concept not too many decades ago has now become the lifeline for any number of daily activities — banking, shopping, travel, social networking—connecting everything and everyone.

And with the ever-growing connectivity of information brought together inside the Internet, the focus has now turned from inward to out, looking at how we connect not only the information but enhance the communication of everyday items with that information through the Internet. Every aspect of business and the way we work will be affected by these changes. Industry’s very nature will be transformed by these new, communicating devices.

The Internet of Things is permeating the marketplace, bringing physical objects together through remote accessibility across the Internet without the need for human intervention, using the same wireless networks and Internet Protocol (IP) that connects your computer to the Internet.

IoT devices integrate sensors that detect specific changes in the environment (temperature, water pressure, heartbeat, sunlight) and communicate the conditions back to a program over the Internet. The management application for the device then makes a decision based on certain criteria and the data recorded and sends out a command for the device based on those conditions. Most devices make those calculations and decisions within themselves and therefore must be updated manually. A number of manufacturers have already incorporated IoT into their game plan for new-product rollouts.

As a matter of fact, right now, manufacturers are in the process of developing personal sensors connected to the lights in the home, temperature control, and even vehicles that will get notification from sensors should you suffer from a seizure, or other medical issue, in some cases taking over the steering of the car and moving your vehicle to park to prevent accidents. It’s clear businesses need to adapt.

However, with these increased capabilities comes the concern that we could be facing a new set of threats — many of which are not known to the public. To work as intended, most of these devices include embedded sensors that make it very easy to track the movements of those devices and monitor interactions with them. In other words, embedded intelligent devices are now just as likely as PCs, servers or smartphones to be dragged into botnets or hijacked by cyber-attackers.

Lesser devices could be left open to tampering of critical controls over the Internet. Additionally, insufficient networks could also be tampered with or disabled, preventing IoT devices from updating, or potentially using a device for unintended purposes. These concerns around IoT devices will alter how businesses approach securing such devices and protocols, and need to be addressed at the onset of developing such products.

Secure your Business in the Age of IoT

On July 25th, we want to hear your thoughts on the widespread adoption of the Internet of Things. We’ll discuss examples of security gaps that may be of concern with embedded devices:

  • Of the embedded device gaps, which is the highest priority to resolve?
  • What are barriers to achieving tight security adherence with embedded devices?
  • What are some best practices with meeting security policy with embedded devices? Vendor selection criteria? Endpoint identification? Authentication or authorization processes?

In spite of the beneficial possibilities inherent in this concept (such as situational awareness or the ability of keeping track of companies’ inventories), organizations will need to prepare and take provision against conceivable security hazards.

Join us in our latest #SecChat to discuss the Internet of Things and potential security risks at 11am PT, Thursday, July 25th:

  • Search for the #SecChat (via TweetChat, TweetDeck, or a Twitter client) and watch the real-time stream.
  • Follow @McAfeeBusiness. We will get the conversation rolling by posing a few questions to participants.
  • Tweet your reactions, questions and @reply’s to the chat, making sure to use the #SecChat hashtag.


Leave a Comment

two + 20 =