IoT security - or a lack thereof - has been a major topic of conversation for most everyone who works in tech or IT. But finally, there's some new IoT security technologies that are showing promise. Here's what you should know.
IoT is a tricky subject. On the one hand, IoT has essentially transformed industries around the world in a matter of a few years, from automating basic household tasks, like monitoring your home's internal temperature, to large-scale enterprise applications such as integrating IoT technology to create "smart cities". On the other hand, because IoT has transformed our lives so quickly, IoT device manufacturers have largely overlooked key aspects such as IoT security, leaving many enterprise organizations at major risks from hackers who see a unique opportunity to quickly and easily access organizational data that isn't as secure as it should be because of lax IoT security regulations and standards.
This, however, will have to change as 96% of IT professionals expect to see a breach within their IoT devices and technology this year. And that's not an irrational thought given that 2016 already saw one of the largest cyber security attacks involving IoT devices when Dyn was attacked late last year.
Luckily, a spate of new IoT technologies is already being rolled out, which should help curb some of the cyber attacks that many IT professionals are anxiously awaiting. Here are five IoT security technologies that you should know about from TechRadar's 2017 Q1 IoT Security report.
1. IoT Encryption - Encrypting data that's at rest or in transit might seem like a fairly simple and commonplace technology. However, the wide variety of IoT devices that exist means that standard encryption protocols and processes are fairly limited. There are some enterprise vendors, however, that are working to create more IoT encryption standards that can be used in future IoT devices.
2. IoT API Security - Because many IoT devices need to transfer data between consumer facing apps, back-end systems, and the physical device, there's a serious need for strong IoT API security. Luckily, companies that are on the forefront of IoT technology and want to move further into the enterprise space, like Google, are focusing heavily on IoT API security.
3. IoT Authentication - Authenticating IoT devices is a big step in improving IoT security. The issue that complicates it is that instead of authenticating say, a person, using a mobile banking app, you've got a physical device component that needs to be authenticated. Taking out the human element and working on machine to machine authentication requires switching up standard authentication measures, but there are a handful of companies working on making this better.
4. IoT Network Security - Network security for IoT devices is going to become standard as physical devices will need to securely communicate with backend systems and applications. There are, however, a wider range of communication protocols that are used with IoT technology, which creates a more complex environment than standard network security.
5. IoT PKI - A PKI (or Public Key Infrastructure) is obviously an important component of IoT security, as there needs to be some way to create, manage, and store digital certificates and public key encryption. As with most other IoT security, there are some challenges, such as the fact that many IoT devices weren't built to be PKI compatible. However, moving forward, having a standard process for integrating and utilizing PKI will help improve overall IoT security.