web analytics

Your IoT Baby Isn’t as Beautiful as You Think It Is

10th May 2017  By Andrew Howard

 

Both development and evaluation teams have been ignoring security problems in Internet-connected devices for too long. That must stop.

 

When looking at Internet-enabled products, the following are the top security concerns companies should look at:

 

  • Basic hygiene issues: Default or no password, unnecessary active services, unpatched operating systems, etc.
  • Encryption challenges: No encryption or poor use of encryption, home-brewed cryptography, poor key management, exposed secret keys, reuse of secret keys, etc.
  • Unprotected software: No protection of software against download or reverse engineering, which can lead to intellectual property or key exposure.
  • Unauthenticated message passing: Devices follow any network commands, regardless of sender.
  • No secure update mechanism: Device firmware can’t be securely updated to mitigate new security threats.
  • No physical security: Open a device, connect directly to main bus, and gain privileged access to system functions.

 

Full Article

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico