Top Wireless Gotchas! Number Three: Mitigating Security Risks
By Bill Zujewski
This is the third post in a multi-part series, which specifically explores the challenges of dealing with wireless technology as part of an M2M (Machine-To-Machine) initiative. The series will offer insights to help designers and developers prepare for and overcome the unique challenges involved with implementation. Today’s post will focus on security risks.
Security and privacy concerns are front-of-mind for everyone – regardless of industry. But they’re even more prominent for the M2M community, and they are breeding skepticism around the future growth of the ‘Internet of Things.’ And there's a reason: cybercrime and government spying are headline news every day. There's no doubt the state of privacy and terrorism in a hyperconnected world will be front and center for the 'Internet of Things' as it continues to move mainstream.
In reality, the biggest security risk of the ‘Internet of Things’ is someone accessing a machine and making it malfunction – machines are almost never used as a Trojan Horse to access the network they’re on. However, ensuring the security of machines, networks, and data is trickier in a wireless environment – but it needs to be a top priority for every business involved in M2M.
Here are five security strategies that every wireless M2M initiative should include:
- Encrypt on the machine itself when possible. Many new devices have encryption chips that allow for easy encryption of traffic without relying on the wireless network. Older devices may not have this option and will likely have to use carrier wireless traffic encryption.
- Encrypt from the data center to ensure that any traffic between the wireless carrier and your business applications travels over an encrypted pipe. This may require setting up a VPN and APN with your carrier. Axeda and AT&T deliver this service as part of our joint core offering.
- Configure your assets so that machines can only receive instructions from your M2M cloud platform. Axeda customers’ assets are configured such that they can only respond to instructions from Axeda’s Machine Cloud.
- Turn off unnecessary services. Ensure that any ports or services your device does not need are disabled or turned off. That debug interface that is so useful in testing can be a backdoor for malicious attackers.
- Whitelist web sites and services so that the machine can access only web services that are explicitly approved. Axeda and AT&T’s offering can help to enhance the security of your wireless solution with this service.
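As an illustration of the "turn off unnecessary services" item, here is an added example (not from the original post, and not Axeda or AT&T code) that audits a device's listening TCP sockets against an approved list. The sample `ss -tlnH` output, the hypothetical gateway it describes and the approved port set are constructed assumptions.

```python
"""Audit listening TCP sockets on a device against an approved port list."""
import ipaddress

# Constructed sample of `ss -tlnH` output from a hypothetical M2M gateway.
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      5          127.0.0.1:8080       0.0.0.0:*
LISTEN 0      128             [::]:23            [::]:*
LISTEN 0      16           0.0.0.0:2345       0.0.0.0:*
"""

# Assumption: the only service this device is meant to expose is SSH.
APPROVED_PORTS = {22}


def parse_listeners(ss_output):
    """Return (address, port) for each LISTEN line of `ss -tln` output."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header, blank or unrelated line
        # Split on the last colon so IPv6 literals such as [::] stay intact.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            # Drop any %interface scope and the brackets around IPv6.
            listeners.append((addr.split("%")[0].strip("[]"), int(port)))
    return listeners


def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # "*" (all interfaces) or unparsable: treat as exposed


def audit(ss_output, approved=APPROVED_PORTS):
    """Return one finding per listener whose port is not approved."""
    findings = []
    for addr, port in parse_listeners(ss_output):
        if port in approved:
            continue
        # Loopback listeners cannot be reached over the wireless link;
        # anything bound elsewhere can, so it is the higher priority.
        exposure = "local-only" if is_loopback(addr) else "network-reachable"
        findings.append({"address": addr, "port": port, "exposure": exposure})
    return sorted(findings, key=lambda f: (f["exposure"], f["port"]))


if __name__ == "__main__":
    for f in audit(SAMPLE_SS_OUTPUT):
        print(f"unapproved listener {f['address']}:{f['port']} ({f['exposure']})")
```

On a real device, feed `audit()` the captured output of `ss -tlnH` and set the approved ports to what the product actually requires.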
The good news is that, so far, there have been few recorded incidents of a connected product leading to a data breach or cyber-attack. Demonstrating that connected products are secure and data is handled responsibly is essential for the future of the industry.