What is this Internet of Things You Speak of?

How many “smart” devices do you have on you right now? Or just electronic devices? If you’re anything like me, you might have a minimum of 2 or 3 devices every time you leave the house. I never go anywhere without my smart phone, and now that I have a smart watch I also wear that all the time to help with my fitness and activity. I also frequently bring along a pair of Bluetooth earbuds. Many people I know are the same way. We all have smart phones, tablets, laptops, earphones (wired and wireless), and fitness trackers of one kind or another. And most of these devices are connected to the Internet. What are also being connected to the Internet are things in our homes that a few years ago we would never have associated with being Internet-connected things.

Internet of Things

These devices are part of what is called the Internet of Things. The IoT, as it is called, is a growing part of our lives and is something we all need to be aware of. Just last year (2017) there were reportedly 20 billion connected devices all around us. According to IHS Markit, by 2020 there will be just over 30 billion IoT devices. Intel is even more aggressive with their projections saying there will be a many as 200 billion devices by 2020. That’s a lot of things!

But the Internet of Things isn’t just those devices we carry around on us. They are also the snazzy new “smart home” devices we are buying such as smart lighting, smart locks, smart thermostats, smart TVs and even smart appliances. But the vast majority of smart devices are things we don’t ever interact with or even see.

Invisible Things

As of this year (2017) approximately 70% of all smart devices are in business, manufacturing and healthcare. These devices are running assembly lines, monitoring inventory and supply chains and providing real-time data to health care providers in hospitals and doctor’s offices. Smart technology is even being integrated into office buildings and other high rises. New buildings are having the smart tech built in, while some existing office buildings are being retrofitted. This smart tech in high rise buildings is controlling heating and cooling, elevators, security, etc.

Vigilance is Required

The Internet of Things has enormous potential to make our lives easier and more convenient. When we can just tell our Alexa enabled refrigerator to order more milk, and it shows up from Whole Foods the next day we have more time to spend on us and our families rather than doing mundane chores. However, we must be aware of the security risks that are inherent in these types of devices. For example, older Alexa devices have a security vulnerability that allows someone with physical access to a device to turn it into an “always on” microphone that can be used to gather sensitive personal data and send it to a remote server. This vulnerability has since been fixed by Amazon, and it was extremely hard to exploit, but this example shows why we must all make device security part of our daily lives.

The same goes for the smart buildings we inhabit and the businesses that use smart technology to track their inventory and supply lines. Unfortunately, there’s not much we can do about other people’s network security, but we can make sure our home networks are as secure as we can make them.

Most of us have Wi Fi networks at home these days, because fewer wires are better! And if we have smart devices it is much easier to connect them to a Wi Fi network. Wired networks are more secure, though. So, one solution is to buy inexpensive switches to connect our TVs, A/V receivers, Blu-ray players, refrigerators, etc. to our home networks. Alternatively, if running wires is not possible, using a “guest” network for our smart devices is another solution. Most new Wi Fi routers sold these days have the capability to set up a “guest” network that is isolated from your main network. This allows you to offer, well, guests access to your Wi Fi without giving them the password to your main Wi Fi network and potentially everything else also on that network. This network can also be used for all our smart devices.

Something we’ve talked about in this blog before is also making sure you have strong passwords. This is very important for connected entertainment devices. For guidance on creating a strong password see this article from NPR. And for managing these passwords, see our previous blog post on credential managers.

Summary

The future we’ve been seeing in the movies is here! And while it hopefully does not lead to Skynet or The Matrix, as long as we exercise some solid common sense and security awareness our personal data that we have control of should be safe. In the new year let’s all keep those passwords strong, and our connected devices secure.

Author Bio

Michael with his foster pit bull, Toby.

Michael Allbritton is a Cybersecurity Analyst and Trainer with Alpine Security. He holds several security-related certifications, including Certified Information Systems Security Professional (CISSP), Network+, Security+ and CyberSec First Responder (CFR). Michael has many years of experience in software testing, professional services, and project management.  He is equally comfortable working with software engineers on testing and design and with sales to meet and manage customer expectations. Michael’s cybersecurity experience with Alpine includes penetration testing, vulnerability assessments, and social engineering engagements for various clients as well as teaching courses for the above-mentioned certifications. In his spare time Michael is an enthusiastic amateur photographer, diver, and world traveler. He has photographed wildlife and landscapes in the United States, Africa, Central America, West, and East Europe and has amassed several hundred dives as a PADI Divemaster.