The Concept Of Securing IoT To Secure Your Building

Securing IoT

Ah, security. It is the dulcet tone of a symphony that we play over and over in the IT world. IoT (Internet of Things) and the myriad of connected devices allow us some intriguing security options. For example, in a mesh array of sensors, you could effectively force users to correctly identify themselves more than once. A user would identify herself repeatedly, but you wouldn’t prompt the user more than one time. By using an array of sensors, you could effectively determine the employee’s identity many times before she has even entered your facility. Or, for that matter, before the employee has put her badge in the badge reader to enter the building.

Facial recognition using IoT video sensors is a quick and easy solution. I see you. I look you up. I know who you are and let you through to the next array of sensors. But I can also measure your voice as it has a unique timbre, analyze your particular speech patterns, and measure your gait. The very way you walk can also be used to not only determine you are who you say you are, but can also be used to verify you should be where you are.

You can deploy these sensors in places people wouldn’t suspect them. Parking lots make for great places to observe someone’s gait. You can do further security checks as they stand and wait to get their bags checked or to get visitor badges. You record and identify their voice. You could even use the unique identifier that is the IMEI of a cellular phone to determine if someone is who they say they are. You can steal someone’s phone but not their voice and gait. Even the most practiced mimic is off just enough that we are able to tell the difference.

Previously, I wrote about the internet of illness. The end game in that scenario involves your employer scanning you as you ‘badge’ into your Workplace, or greeting you at the visitor entrance, and then basically telling you to go home. You are sick, the system tells you. Come back when you are well. So you take a sick day or work from home, and the infection stops with you. Instead of walking into the office and infecting 200 people, you stay home and infect your cat. The same can be applied to people entering a building.

These sensors allow you to have good solid security at your entrances quickly. Over time, organizations can share data about people that visit them. The US Government and other governments could sell security information about the gait, voice, and other attributes that can be quickly captured. Imagine security of the day after tomorrow. You are asked to step into a booth; the booth has a camera and a microphone. You are asked to say three sentences. A single ding and the door opens and you pass through a metal detector. The booth finds no weapons, no threat, and that you are who you say you are.

Ah, security. You could, in cases where there are other issues and concerns like bombs and other risks, create artificial barriers to walking up the walkway to your building and add bomb and chemical sensors to the solution as well. Expense, however, is always the issue in terms of security. You can’t spend so much money on security that you bankrupt the company. Likewise, you can’t spend so much time and energy that the organization can’t get any work done because it takes a half hour to get from your car to your desk (even though you only travel a total of 10 feet).

IoT devices will add a great deal of information quickly for people that end up staffing visitor desks. It will allow organizations to increase the safety of their workers by reducing the number of ways you can get weapons or dangerous devices into the building. If they somehow get past the entrance, you can lock them into stairwells or shut off elevators and let them know you know they have a gun or knife, and that you have notified the authorities. The application of security for and of people is a great use of IoT sensors and devices, and can be effectively utilized while still managing costs. It will increase the overall security of your building and people greatly. You can have people log into the system over and over again, without them having to sign in more than once!

By Scott Andersen

Threat Security
Azure Red Hat OpenShift: What You Should Know What Is Azure Red Hat OpenShift? Red Hat OpenShift provides a Kubernetes platform for enterprises. Azure Red Hat OpenShift permits you to deploy fully-managed OpenShift clusters in ...
Yuliya Melnik
DevOps Services Outsourcing The sooner you release your unique idea to the public, the higher the chance that it will receive the lion's share of the audience's attention. Delays in development can lead competitors to ...
Gilad David Maayan
What Is SSPM? SaaS Security Posture Management (SSPM) is a set of security tools that an organization’s security team can use to gain visibility and manage security for their Software as a Service (SaaS) applications ...
Louis
Manufacturers’ Top Demands For Quality Software Competing on product quality has never been more urgent as rising raw material and component costs continue to squeeze manufacturers’ margins. At the same time, unpredictable supply chains make ...
Jonathan Custance
IoT –  Part of Your Essential Kit Jonathan Custance, Co-Founder of Green Custard outlines how industrial organisations can leverage IoT to dramatically reduce their carbon footprint  Technological progress and environmental sustainability have always been at ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.