IoT Security

As the new industry of IoT emerges, there are budding concerns about the security of these devices and the vulnerabilities of the machines they attach to. Any new industry will have competitors racing to get as much of the market-share as possible, but this rapid development has left consumers wondering what corners were cut. Since there are no industry standards in place right now, there is little resistance to create and sell IoT devices. Anyone can make a sensor, but are they producing a product which is vulnerable to outside hacking attacks too? This is a big concern considering how rapidly the IoT industry is growing. The more devices with little or no security standards being sold to the public only makes it easier for unwanted attacks to occur.

A new bill has recently been proposed to the U.S senate which begins to address some of these security concerns. The Internet of Things (IoT) Cybersecurity Improvement Act of 2017 has 4 basic rules which begin to help regulate IoT vendors and the products they produce. They are:

  1. IoT devices are patchable
  2. IoT devices do not contain know vulnerabilities
  3. IoT devices rely on standard protocols
  4. IoT devices do not contain hard-coded passwords

While these rules are relatively straight-forward, they are an excellent starting point to begin the conversation about IoT security standards. It is important to follow these 4 general guidelines to ensure the IoT industry does not spin out of control. Just like any new technology, there will be security risks to address upfront, but as time progresses a few companies will emerge to set the industry standard.

Monnit wants to be a part of this industry standard and has already taken steps to ensure our products are some of the most secure sensors and gateways available on the market. Monnit ALTA products are patchable, capable of over-the-air updates which allow for remote software/firmware upgrades. ALTA products currently have no known vulnerabilities, and are ready to adapt to any potential future threats with over-the-air updates. ALTA products have better than standard protocols in place, data is transmitted between wireless sensors and gateways using integrated bank level security (256-bit exchange and AES-128 CTR) on every message. Local sensor network data is communicated to the iMonnit cloud software using SSL encryption with user access to the software requiring a unique ID and password as well.

Monnit doesn’t just want to be one of the first companies to hop into the IoT industry, we have been working on our technology platform for some time. Monnit realizes in order to create a sustainable business, there needs to be an emphasis on doing what is right, not what is easy. Our engineering department has been hard at work not only creating extremely secure devices, but doing so in a way which keeps overall costs down. Monnit wants to set the industry standard both in terms of security and price. By taking the time to produce a higher quality product now, we insure our ever-growing customer base remains satisfied both today and well into the future.