Information Technology Specialist, Member of Alpha Beta Kappa Honor Society, USA
*Corresponding author: Christos Beretas, MSc, Information Technology Specialist, Fortinet Network Security Expert Certificates (NSE1/NSE2/ NSE3), Member of Alpha Beta Kappa Honor Society, Alpha of Ohio, USA
Submission: August 16,2018;Published: August 24, 2018
ISSN 2640-9739 Volume1 Issue1
The Internet of Things is a concept that has been heard quite a lot in recent years, a concept that slowly emerged, but over time it has experienced a booming growth that was then adopted not only by giant IT companies, offering according to the directions of each company that adopts the corresponding services and applications to the end user. Undoubtedly this technology has come to stay for a long time, it has come to improve our living conditions and to simplify habits and functions that required time and many times difficulties [1,2]. The Internet of Things is almost everywhere around us from the super market to the cars we drive, our everyday life is going easy and we are happy to live with, but there are two important points that we should consider:
1. Uncontrolled product design based on the Internet of Things.
2. Access to data managed by Internet of Things are inaccessible by the users.
According to the above, important questions arise, such as:
1. How and where these devices store and manage the data now?
2. How and where these devices store and manage data in the future?
3. What personal data are collected and for whom?
4. How protected they are from hacking attacks?
5. How capable is an Internet of Thing to take full control of an information system?
Surely for all of us who are involved in the security of information systems, we have a lot of work to do. The biggest challenges we have to face are:
1. No one knows an Internet of Thing how it collects, how it uses, and where stores personal data. One could construct an Internet of Thing that behaved properly according to the purpose it was created, but it could also act as intelligence espionage product to transmit personal sensitive data and information related to the online traffic and services of an organization, and the worst scenario is that this device can work for years without being noticed.
2. Depending on the complexity of the smart device, the amount of data it sends is increasing, for example a complex smart device can send up to 5 times the volume of unidentified data.
3. The Internet of Things, as I mentioned above, was designed to make our lives easier because technology evolves and these devices evolve, so many unknowingly use them in a computer room or in critical security infrastructures for which the devices have not been made for this purpose, and of course with unknown security implications for the company’s network since these devices do not have an management interface for the user, so it is impossible to access them.
4. Depending on the type of the device, third-party information is internally embeded, for example GPS maps, geostrategic data, human habits information, transaction information, which will then have to work all together for the Internet of Thing.
5. We do not know exactly what kind of data and metadata are collected, it is enough to ponder that an IoT card containing basic medical data of a patient sends about 200 MB of unknown data per year.
6. The Internet of Things are not safe enough in external attacks, a denial of service attack on an Internet of Thng could be the entry for violating an information system and collect sensitive information from it.
7. The construction of these devices varies, there are not enough standards to build and protect personal data, no one can guarantee that an Internet of Thing will protect its owner against an external threat, which for example could get the control of a car with unpleasant consequences for the driver.
Considering the above, we should consider whether we really need an Internet of Thing and if this is necessary, how much we can parameterize and access to it..
© 2018 Christos Beretas. This is an open access article distributed under the terms of the Creative Commons Attribution License , which permits unrestricted use, distribution, and build upon your work non-commercially.