Protecting IoT devices from cyberattacks: A critical missing piece: Page 9 of 10

August 04, 2017 //By Alan Grau, Icon Labs
Protecting IoT devices from cyberattacks: A critical missing piece
When it comes to protecting IoT devices from cyber attacks, both device hardening and security appliance approaches each has its supporters, but there are trade-offs between “device-centric” and “appliance-centric.”
before a login is even attempted because the IP or MAC address is not in the whitelist, thereby blocking the attack before it even really begins.

Figure 4. Rules-based filtering is used to enforce communication policies, blocking packets from non-trusted senders and isolating devices from attack.

Many attacks are blocked before a connection is even established because each packet received by the devices must pass through the firewall for filtering before being processed. This provides a simple, yet effective layer of protection currently missing from most legacy IoT devices.

Security appliance approach vs. device hardening
Two important tradeoffs in considering the hardware versus software approach to IoT security are economic consideration and the protections that can be built into low-cost sensors.

As IoT devices proliferate, the number of required security appliances could explode. The economics of adding security appliances to every IoT device are simply prohibitive.

While this can be addressed with software security built directly into the device itself, this is not without cost of its own. Security software requires additional memory and processing power, and imposes additional overhead on network resources which can dramatically impact battery life for lower power devices. As a result, you are limited in how much security can be added to low end devices such as sensors.

Summary
One of the unique challenges of the IoT is that the network perimeter is often blurry. Network security appliances can protect cloud-based computing resources and any IoT devices that happen to reside within the network perimeter, but do little to protect mobile devices or IoT endpoints located in the field. So while security appliances play a critical role in protecting the IoT, they do not provide the complete solution.

Ultimately, some combination of hardware and software will be required, but building software into IoT devices is a critical missing piece that must be addressed.

About the Author
Alan Grau is president and cofounder of Icon Labs


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.