5 Recommendations for IoT Manufacturers
by Pascal Geenens
As devices get more connected, they potentially get smarter and provide richer functionality. The internet of things (IoT) describes a world where just about anything can be connected, from routers, smart thermostats, smart light bulbs, and door locks to intelligent fridges, or even cars.
Recently, devices with less than desirable security were taken over by massive botnets of hundreds of thousands of devices, which launched an impressive DDoS attack that crippled several online services.
Security should be a top priority in a manufacturer's strategy, not an afterthought. Consumers need solutions that are built with security in mind and that protect their homes, their lives and their private information. Better regulation is needed because of a lack of product certifications or labels that would help consumers differentiate brands and products by their security state.
For this reason, I would like to propose five best practices that any IoT manufacturer should consider:
1) Invest in a common operating platform built with security in mind.
It is worth thinking about this and making the right choices upfront, to make sure all your future devices support the operating environment. A single OS provides a consistent user experience across your devices, and you will profit from scaling updates, changes, and improvements across all of them, limiting the duplication and porting effort for security updates and new features. Linux and BusyBox, although in the eye of the storm of all things bad surrounding IoT, can be a good choice for embedded devices, as can Windows 10, Android, or any other fitting platform. It isn’t the base OS as such that provides the security; it is how you go about it, how you harden the platform, and how you keep it at its most up-to-date version. Some pointers:
● Unnecessary services should be disabled by default, especially SSH, Telnet, SMB and FTP. Less savvy users will never use these services, and those who actually need them for advanced operations will be able to find and understand the ‘enable SSH’ flag in the ‘advanced options’ tab. Do not worry: even if you bury the option in the most illogical place, the people who want it will find it.
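One way to check this on a Linux or BusyBox factory image, as an added example that is not part of the original article: the function below reads the kernel TCP socket table (the format of /proc/net/tcp) and fails if anything is listening on the FTP, SSH, Telnet or SMB ports. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): release check for default-on services.
# Usage on a device or in a firmware test rig:  audit_listeners < /proc/net/tcp

# Reads a socket table on stdin, prints one FAIL line per finding,
# and returns 1 if any of the named services is listening.
audit_listeners() {
    awk '
        BEGIN {
            # Ports are matched in the 4-digit hex form used by /proc/net/tcp,
            # so no hex conversion is needed (works with BusyBox awk).
            svc["0015"] = "FTP (21)"
            svc["0016"] = "SSH (22)"
            svc["0017"] = "Telnet (23)"
            svc["008B"] = "SMB/NetBIOS (139)"
            svc["01BD"] = "SMB (445)"
        }
        NR == 1     { next }          # header row
        $4 != "0A"  { next }          # keep only sockets in state 0A (LISTEN)
        {
            split($2, local, ":")     # local[1] = address, local[2] = port
            port = toupper(local[2])
            if (port in svc) {
                printf "FAIL %s listening on %s\n", svc[port], $2
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample table (columns after "st" omitted): a web UI on port 80,
# Telnet and SSH listeners, and a leftover SSH socket in TIME_WAIT (06).
sample_table() {
    cat <<'EOF'
  sl  local_address rem_address   st
   0: 00000000:0050 00000000:0000 0A
   1: 00000000:0017 00000000:0000 0A
   2: 00000000:0016 00000000:0000 0A
   3: 0201A8C0:0016 0501A8C0:C350 06
EOF
}

sample_table | audit_listeners || echo "image ships with remote-access services enabled"
```

Run the same check against /proc/net/tcp6 as well, since a daemon bound only to an IPv6 socket does not appear in the IPv4 table.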
Read more: http://ow.ly/eDO5308l8il