To date, much of the conversations around Internet of Things, or IoT, have been forward thinking and positive in nature. However, US Department of Homeland Security is looking at the other side of IoT - security - and getting serious about protecting the technology and data devices, like EMCS (energy management control systems), web enabled TV/Moniors, video cameras and more, are sharing.
According to Network World, "What the DHS (Department of Homeland Security) is looking for is summed up in three areas it describes as detect, authenticate and update." Detect references the ability to know what devices are utilizing a network at any given time. The DHS says that IoT system security managers currently have no real-time and reliable way of knowing what devices are utilizing a network and sharing information. Next, the DHS wants authentication to occur through provenance of IoT components to know if they are being spoofed or controlled. Finally, no system, especially IoT systems remain the same over time. They evolve and thus will need to be able to update frequently and efficiently. As more devices are added or lost, the systems will need to update its security features and programs to accomodate all changes and remain stable.
RESOLUTE Partner's VP of Technology, Frank DeMasi strengthens the DHS's standards by saying "IoT needs some kind of central control mechanism so that all these devices and their conversations can be managed and approved. Right now vendors designing devices and their “conversations” with other devices are designed to happen automatically to add functionality and in some cases relevance to their product. For the enterprise security or home residence router manager this is a nightmare scenario in management, let alone security. If the government standardized on a communication platform (think like wi-fi) then not only can device manufacturers make devices to talk to each other, but other manufacturers will then make the central control devices with security. Right now we have the first one and nothing for the second because of a lack of standardization in the market space."
In the end, there are going to be a lot of different aspects of the Internet of Things, like smart lights, smart locks, smart "just about everything," not to mention security, hardware, and infrastructure to make it all happen. The good thing to come from the fact that the Department of Homeland Security is commenting on the IoT is that it means there is significant momentum and market action around the concept. Be prepared to see this industry explode in 2016.
If you're interested in learning more about how we facilitate this type of work, especially security (which was mentioned in the Wall Street Journal), read the free case study below.