This is the third post in a multi-part series of blogs by Bill Zujewski, which specifically explores the challenges of dealing with wireless technology as part of an M2M (Machine-To-Machine) initiative. The series offers insights to help designers and developers prepare for and overcome the unique challenges involved with implementation. Today’s post focuses on security risks.
Security and privacy concerns are front-of-mind for everyone – regardless of industry. But they’re even more prominent for the machine-to-machine communications (M2M) community, and they are breeding skepticism around the future growth of the Internet of Things (IoT). And with reason: cybercrime and government spying are headline news every day. There’s no doubt the state of privacy and terrorism in a hyperconnected world will be front and centre for the Internet of Things as it continues to move mainstream.
In reality, the biggest security risk of the IoT is someone accessing a machine and making it malfunction – machines are almost never used as a Trojan Horse to access the network they’re on. However, ensuring the security of machines, networks, and data is trickier in a wireless environment – but it needs to be a top priority for every business involved in M2M.
Here are five security strategies that every wireless M2M initiative should include:
- Encrypt on the machine itself when possible. Many new devices have encryption chips that will allow for easy encryption of traffic without relying on the wireless network. Older devices may not have this option and will likely want to utilise carrier wireless traffic encryption.
- Encrypt from the data centre to ensure that any traffic between the wireless carrier and your business applications travels over an encrypted pipe. This may require setting up a VPN and APN with your carrier. Axeda and AT&T deliver this service as part of our joint core offering.
- Configure your assets so that machines can only receive instructions from your M2M cloud platform. Axeda customers’ assets are configured such that they can only respond to instructions from Axeda’s Machine Cloud.
- Turn off unnecessary services. Ensure that ports or services on your device are disabled or turned off. That debug interface that is so useful in testing can be a backdoor for malicious attackers.
- Whitelist web sites and services so that the machine can access only web services that are explicitly approved. Axeda and AT&T’s offering can help to enhance the security of your wireless solution with this service.
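The last two strategies can be checked on a Linux-based device with a short audit. This is an added example, not code from the post or from Axeda. The approved-port policy, the hostnames and the sample `ss -tlnH` output are constructed assumptions.

```python
import ipaddress

# Constructed policy for a hypothetical device: port -> allowed bind scope.
APPROVED_LISTENERS = {8883: "loopback"}
# Constructed egress allowlist: exact hosts, or ".suffix" for any subdomain.
EGRESS_ALLOWLIST = ["platform.example.com", ".updates.example.com"]

# Constructed sample of `ss -tlnH` output (not captured from a real device).
SAMPLE_SS = """\
LISTEN 0 128    0.0.0.0:22      0.0.0.0:*
LISTEN 0 5    127.0.0.1:8883    0.0.0.0:*
LISTEN 0 1      0.0.0.0:2345    0.0.0.0:*
LISTEN 0 128       [::]:23         [::]:*
"""

def is_loopback(addr):
    addr = addr.strip("[]").split("%")[0]   # drop IPv6 brackets and %iface
    if addr == "*":
        return False                          # wildcard bind
    return ipaddress.ip_address(addr).is_loopback

def audit_listeners(ss_output, approved=APPROVED_LISTENERS):
    """Return (address, port, reason) for every listener outside policy."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        port = int(port)
        scope = approved.get(port)
        if scope is None:
            findings.append((addr, port, "service not approved"))
        elif scope == "loopback" and not is_loopback(addr):
            findings.append((addr, port, "approved for loopback only"))
    return findings

def egress_allowed(host, allowlist=EGRESS_ALLOWLIST):
    """Default-deny: True only for an exact host or a listed subdomain suffix."""
    host = host.lower().rstrip(".")
    for entry in allowlist:
        if entry.startswith("."):
            if host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False

if __name__ == "__main__":
    for finding in audit_listeners(SAMPLE_SS):
        print("listener:", *finding)
    for h in ["platform.example.com", "platform.example.com.other.test"]:
        print("egress:", h, "allowed" if egress_allowed(h) else "blocked")
```

Matching hostnames exactly or by a dotted suffix keeps look-alike names that merely contain an approved name from passing the check.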
The good news is that, so far, there have been few recorded incidents of a connected product leading to a data breach or cyber-attack.
The author is Bill Zujewski, CMO and executive vice president of Product Strategy at Axeda Corporation. He is also a member of M2M Now’s Editorial Advisory Board.