January 27, 2015

Three Myths About The Internet Of Things And Security

By Daniel Price

Internet Of Things Myths

Privacy and security is a hot topic at the moment. From heartbleed to the NSA and from government spying to Obama’s State of the Union address, it seems everyone is keen to have their say on what they think security and privacy in the online world should look like. It’s no wonder, therefore, that there are a lot of myths and untruths circulating. Here we look to debunk some of them…:

Myth 1: The private sector is capable of meeting security challenges by itself

President Obama and Prime Minister Cameron have drawn praise and derision in equal measure in recent weeks. Not long ago they stated they thought the government should have more ability to access private online communications to help combat terrorism – some regarded their views as sensible, while others took serious umbrage with the idea of the state having yet more intrusion into our privacy.

The truth is the private sector is unlikely to be capable of meeting the increasing challenges by itself. Whether or not you agree with the concept of state intervention, at the very least the private sector needs help in facilitating an information exchange that contributes to the public good. Ultimately individual companies are probably not motivated to care about the public good without guidance from public policy – though public policy will only be effective with proper feedback of what’s working and what’s not from researchers, enterprises and users.

Myth 2: More security means less privacy

Technically, security and privacy appear to be two sides of the same coin; both rely on encryption, both use design processes to help ensure their protection, and both suffer similar types of failures.

However, there is a distinction. Privacy is about providing information into a system and not being personally harmed by doing so, security is about creating value and then protecting that value. The recent IEEE Summit on Internet Governance saw several speakers claim we were currently dealing with security versus privacy, when in fact we should be looking at security blended with privacy. By taking the view of one versus the other, we do not allow the technical community to accurately describe the choices society is facing. Collectively we have to find practical levels of security and privacy that work in a cost effective way – not choose one over the other.

Myth 3: Traditional software security will work for the internet of things

One of the biggest challenges for the internet of things is getting the message to new adoptees that traditional, desktop security strategies will not work very well.

Methods that are now common practice among desktop users – such as rolling monthly updates, new software releases, and security patches – are not necessarily practical for the IoT, where some devices and technologies could be in place for many years before they are replaced or upgraded.

Scale is also an issue; where IT networks may traditionally comprise of hundreds, maybe thousands of devices, the number of IoT devices will dwarf it and continue to grow exponentially. Companies will be stepping into a world we they experienced before and that they haven’t engineered for – the dynamics are an unknown.

By Daniel Price

Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.
Metasploit-Penetration-Testing-Software-Pen-Testing-Security

Leading Cloud Vulnerability Scanners

Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn’t help with [...]
Read more
Michael Kleef

Akamai’s Michael Kleef Reveals Key Shifts in Cloud Computing Landscape

Welcome to a conversation with Michael Kleef, Vice President of Product Marketing, Developer Advocacy, and [...]
Read more

5 Reasons You Need DAST to Secure Your Cloud

5 Reasons You Need DAST to Secure Your Cloud What Is DAST? Dynamic Application Security [...]
Read more
Bharti Patel

The Goldilocks Principle of Cloud Management: Striking the Ideal Balance

It’s not an all-or-nothing proposition: How to strike the right balance with cloud The pandemic [...]
Read more

Exploring SaaS Directories: The Path to Optimal Software Selection

Exploring the Landscape of SaaS Directories SaaS directories are vital in today’s digital age, serving [...]
Read more
David Anandraj

Tips to Protect Business Texting & Navigate 10DLC Compliance

Navigating 10DLC Compliance Texting has become a communication game-changer for businesses. Texting allows companies to [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.