IoT devices are not just practical. They are also a potential security risk. It's not just devices and applications which have to be equipped to guarantee secure data. Network security in cloud systems also has to meet the highest standards.
The fridge orders milk before it runs out. Surveillance cameras send a push message to the smart phone if they discover something suspicious. Somebody’s flat’s thermostat is notified they are leaving the office - and ensures that upon their arrival home half-an-hour later the place is comfortably warm.
For some time that’s not been a pipe dream but an actual reality. The Internet of Things (IoT) is revolutionizing our daily life. The network service provider Cisco estimates there to already be 15 billion devices connected worldwide. If the boom continues, it could already reach 50 billion by 2020. Chip manufacturer Intel even expects 200 billion.
Putting it simply, the Internet of Things is here to stay. Yet IoT devices are not just practical. They are also a potential security risk. Remember autumn 2016, when a large-scale DDoS attack on a DNS-provider shut down countless and sometimes very popular internet services such as Netflix.
The author of these attacks was the so-called Mirai botnet. It is made up in part of surveillance cameras, digital video recorders and similar devices connected to the internet. The attacks showed how often IoT devices suffer from insufficient security features or inadequate factory settings which do not make full use of potential data encryption.
The security concerns around the Internet of Things are not just scaremongering. They’re justified. Critical areas such as industrial facilities, cars or medical devices have long since been connected – and offer cyber criminals or secret services many new targets.
Here attacks on critical infrastructure such as energy companies, large production facilities or public transportation can cause economic damage. They can also bring with them life-threatening incidents of an unforeseen nature.
Areas liable to attack are many: A typical IoT framework is composed of peripheral devices (such as sensors, adapters, beacons etc), a gateway to communication with devices and as multiple back-end servers (mostly in cloud systems). The list of potential risks is long – and growing. This is down to many companies bringing new IoT devices on to the market hastily and without considering security as part of their design. Often, there is no transport encryption, web interfaces are insecure, or there are problems with authorization and software protection.
It's not just devices and applications which have to be equipped to guarantee secure data. Network security in cloud systems also has to meet the highest standards. The transfer of user data occurs from the device to an intelligent gateway. The data must of course be encrypted. Surveillance of the enormous data streams, and intelligent defence mechanisms such as deep packet inspection, are required. Of course, cloud security is essential. Personal user data is saved in cloud systems. Only high-security data centres at secure locations can guarantee this security.
We at Safe Swiss Cloud are convinced that anyone offering connected, smart everyday technology has to treat IT security, data protection and data sovereignty with the utmost care. If you want to discover how we support our customers from the healthcare industry, by hosting their IoT applications in a cloud system, take a look at the following cases: