Week 10 Discussion

.docx

School

Ashford University *

*We aren’t endorsed by this school

Course

5900

Subject

Information Systems

Date

Jan 9, 2024

Type

docx

Pages

3

Uploaded by SamuellBurleyIII

Report
As we get more and more devices that are Internet accessible the potential for IOT (Internet of Things) risks increase. What are some of the ways that the risks associated with these types of devices can be reduced? IoT security issues can be of a different nature and occur at different levels. • Computer attacks : Computer attacks are the most common threat in a cloud environment. They can be Denial of Service (D-DOS) attacks, malware spread in IoT devices, exploits, attacks on the user’s privacy, or even modification of the electronic components of the device. • Software vulnerabilities : Another major security challenge lies in IoT applications and software vulnerabilities. These must remain updated, analyzed, tested, and configured correctly to prevent security problems, both in the platform and backend. • Data interception : Communications between IoT devices are another level where cybersecurity risks may occur. Session kidnappings, communication protocols, and obtaining network data are some threats to which it is essential to adopt security measures. IoT Security Issues 1. A challenge for data privacy : The Internet of Things represents taking the data collection, storage, and analysis mechanisms to a greater scale. There are more and more devices connected to the Internet and there are also more elements that require protection: the device itself, the network, the application, or the platform that it uses. 2. Technical vulnerabilities in authentication : The IoT works with devices of a different nature that will be connected to the Internet and collect user data in the cloud through the tool itself. One task to do is to work in-depth on the authentication mechanisms to ensure the privacy of the user. 3. Human factor : The Internet of Things is a relatively new technological advance. Ignorance of IoT security, both by companies and individual users, also increases cybersecurity risks due to lack of experience and the human factor. 4. Data encryption : the transmission of data by non-encrypted means presents a major security problem. Also consider the importance of network security, since the IoT is generally focused on mobile devices of various types and predominantly wireless networks. 5. Complex system : the more devices, people, interactions, and interfaces, the more the risk for data security also increases. It means that there is more variety and diversity in the system, so the challenge of managing all points in the network to maximize security also increases. These are just some of the challenges of extending IoT devices and cloud applications and their security risks. Steps to mitigate these risks Develop Your IoT Readiness Plan
IoT introduces an entirely new playing field. Employees, visitors, partners, and outsiders are bringing Internet-connected devices to the corporate network via your wireless or wired connections. Not to mention, new devices like whiteboards, coffeemakers, security cameras, and Bluetooth speakers are equipped with “smart” features that could be potential backdoors for threat actors. These technologies present information security professionals with a significant challenge to overcome. Scan Your Network & Identify ALL IoT Devices Next, leverage a pen testing team or vulnerability assessment tool to scan the network for IoT devices currently within your network to understand their vulnerabilities and the current risk involved for each device. Finally, you will need to know what happens when an IoT device is compromised or attacked or even when a whole group of devices is used to attack your network. You can use pen testing to understand the impact of vulnerable IoT devices within your network. You need to prepare for worst-case scenarios and plan the strategies behind mitigating that through a comprehensive defense-in-depth strategy or layered security approach. You may also decide to place certain IoT devices on separate networks from your core IT networks and applications to safeguard your data. After you complete this IoT risk assessment, you will have a much better understanding of the security landscape and current challenges represented. When deploying new devices, you will also want to consider deploying with security in mind first, which leads us to our next topic. Incorporate ‘Security by Design’ IoT production has happened overnight, and there are now billions of devices connected to the Internet. Security is often disregarded when consumer demand for products dictates deployments. However, by not incorporating ‘security by design’, some potentially fatal flaws are created in the original designs of these latest and emerging technologies. IoT needs to start with ‘security by design.’ As manufacturers build the latest IoT devices, they need to consider the challenges and possible vulnerabilities such as malware, DDoS, and even ransomware attacks. Otherwise, they put human safety at risk. Holding IoT Manufacturers Accountable for Patch Updates IoT devices have on average 25 vulnerabilities, and that number continues to grow. Add on top of that the number of vulnerabilities for computers, servers, and mobile phones, and the number and scope is a bit mind-boggling and a full-time challenge. Many IoT devices are using a modified version of Linux, bringing tens of thousands of lines of code into the device. The Linux kernel had 85 high-severity vulnerabilities in 2016 alone. Many IoT device manufacturers hastily launch products without the responsibility of protecting organizations and individuals. As security professionals and organizations, the next step is to hold IoT manufacturers accountable for incorporating security into their designs from the start.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help