I remember that it was to Julio Linares, in a remote Telecommunications Meeting in Santander, the first person to whom I heard the expression "Internet of things", which at that time sounded tremendously shocking to me. Now, IoT is one of the most frequently used acronyms in technological environments. According to the ENISA definition, the Internet of Things is a cyber-physical ecosystem of interconnected sensors and actuators that allow decision-making

Today, The Internet of Things is an intelligent infrastructure enabler that provides advanced functionalities to business processes, and facilitates the provision of higher quality services. In this sense, it is important to understand that the IoT means something more than gather, transport and analyze information. IoT projects have a direct impact on the processes improvement and the decisions that directly affect the business; which results in a obvious improvement in competitiveness.

Any economic sector can benefit from this technology. We see some examples below:

Although the advantages of using IoT are quite evident, their adoption is not taking place at the speed that would be expected; being one of the main reasons the lack of confidence. According to a study carried out by IDC in July 2017,” 36% of the companies surveyed in Spain point out security and data privacy reasons (identity management/device verification, network security and components, regulatory aspects on the data) as the main brake in the IoT projects investment”

Threats and risks associated with IoT devices, systems, and services are multiple and evolving rapidly. It is important to understand that to ensure the success of such projects it is essential It is important to understand that to ensure the success of such projects it is essential guaranteeing and developing specific security measures.

In a first approach we can think that the main threat lies in the lack of security  regarding  design and development of the devices. But ENISA in its "Baseline Security Recommendations for IoT" guide, identifies other weaknesses such as the interoperability gap between the various devices and platforms, the intrinsic security enforcement cost, the lack of management concerning the product life cycle, or the scarcity regarding security reference frameworks and regulations in this area.

In view of these security, privacy, transparency and compliance issues, choosing the right IoT solution vendor remains a challenge. In fact, not only the security of each IoT element must be guaranteed individually, which is perhaps the aspect that is most debated, but also, and fundamentally, the security of the IoT service as a whole (sensors, communications, applications, and platforms), since it is the complete chain that can leave doors open to potential attacks.

Each user must set security needs based on the sensitivity of the information or criticality of the service received. Only a complete evaluation of the whole service can provide as a result a qualification of its level of security to allow the supplier accrediting that has adequate security measures to the requirements of its users..

All you need is LEET.

Suscribe our communications by clicking here


You can follow us on twitter.com/leet_security

6 de junio de 2018