Nick Barendt, executive director of the Institute for Smart, Secure and Connected Systems (ISSACS) at Case Western Reserve University, illustrates the challenge of protecting Internet of Things devices by comparing them to more traditional IT assets.
“It’s still hard to, say, secure a web server, but it’s a limited scope of work,” Barendt notes. “I have to worry about a few ports, and I can control ingress and egress for those ports. I also control the physical device in a data center. The issue with IoT is that it spreads your surface area of attack infinitely. Anyone can walk up to a device, if they can access it, and either brute-force attack the device or use the compromised device to launch other types of attacks.”
As a result, Barendt says, many IoT vendors have begun to take security more seriously, building cybersecurity solutions into their products and eliminating risky practices such as shipping all devices with the same default password. Higher education institutions can further protect themselves, he says, by using zero-trust networking methodologies, storing passwords securely and encrypting traffic to and from IoT devices.
Continue reading: https://edtechmagazine.com/higher/article/2021/10/colleges-secure-iot-proactive-solutions-and-strategies
“It’s still hard to, say, secure a web server, but it’s a limited scope of work,” Barendt notes. “I have to worry about a few ports, and I can control ingress and egress for those ports. I also control the physical device in a data center. The issue with IoT is that it spreads your surface area of attack infinitely. Anyone can walk up to a device, if they can access it, and either brute-force attack the device or use the compromised device to launch other types of attacks.”
As a result, Barendt says, many IoT vendors have begun to take security more seriously, building cybersecurity solutions into their products and eliminating risky practices such as shipping all devices with the same default password. Higher education institutions can further protect themselves, he says, by using zero-trust networking methodologies, storing passwords securely and encrypting traffic to and from IoT devices.
Continue reading: https://edtechmagazine.com/higher/article/2021/10/colleges-secure-iot-proactive-solutions-and-strategies
