In a recent article, Tech Beacon recently offered up a synopsis of IoT’s poor security record. Here are some of their key points:
- Basic security principles have been long overlooked or ignored by developers working with razor-thin margins on a low-cost business model
- Companies that lack expertise to foresee and address common security pitfalls, or are not in the networking business at all, have nonetheless dived into IoT
- Given the choice of two devices – one cheaper that can go to market faster, vs. one more expensive, delayed to market, but more secure – the first will always be chosen
- IoT is still in an innovation phase, which means that quality controls will come only after it’s been established that the technology itself works and is useful
- Even if the industry suddenly strengthened its security, what happens to the millions of IoT devices already in use in homes and businesses that have no defense against sophisticated attacks
Addressing these problems will be a work in process to get the proper security standards in place and the right balance of government regulation and industry association oversight.
“A challenge that we are facing is maintaining security on an ongoing basis,” says Cricket Liu, chief DNS architect at Infoblox. “No one gets security right the first time. Even the savviest of manufacturers will find new vulnerabilities after their devices have shipped," Liu said.
It’s a compelling piece that can be found here.