IoT: 2 Alternative Network Communication Channels for Cloud

Most systems targeting the Internet of Things (IoT) utilize web-based cloud services to link users to devices and their data. But the Net, with its http and graphical interfaces, may not always be needed. At least one company has created an IoT device that communicates via simple text messaging.

The startup FizzJelly is offering cellular-connected devices for monitoring a range of sensors. These are hobbyist devices, intended for experimenters and developers to create their own IoT systems. The systems are Arduino-compatible and fully open for experimentation and customization.

So far, this sounds like many other IoT offerings. What is different about this start up,  is its method for connecting with the user. There is no mobile app or web service associated with FizzJelly. Instead, it uses (SMS) messaging for information exchange. This makes the system compatible with more than 80% of all mobile phones (smart or otherwise) now deployed. Talk about penetration rate!

1. TEXT Messaging (SMS) It is important to understand that the various sensors you establish in your network work READ MORE -->

The Internet of Things: Top 5 Device Security Tips VISIT

blog courtesy of www.insidedevices.org

Gates’ could control about anything in his house by the tap of his finger, whilst driving his car 20 miles away from his house.

Welcome to the “The Internet of Things“(IoT) that does represent a revolution happening right now. All kind of companies – not just technology and telecommunications firms – are linking “things” as diverse as smartphones, cars and household appliances to industrial-strength sensors, each other and the internet. The technical result may be simple features such as intercommunication and autonomous machine-to-machine (M2M) data transfer, but the potential benefits to lifestyles and businesses are unprecedented.

Ofcourse there is a “But”….with great opportunity comes great responsibility. Along with its conveniences, the IoT will be exposed to unprecedented security challenges: data privacy, safety, governance and trust. 

What Are The Main Security Loopholes?

Security loopholes can occur anywhere in the IoT; but you can devide into two groups:

Data Risks: all smart devices will transmit data to a storage point before (in most cases) a bulk upload to the provider, often with outdate security settings.

Privacy Risks: all our smart devices collect, aggregate and transmit our user data,  even tiny items of data in aggregate can identify, define, and label you without your knowledge.

What Can You Do To Protect Your Data and Privacy?

1. Audit the devices you own.
2. Secure your device. If a device is connected to your network, it means that it is potentially accessible over the internet.
3. Verify the security settings on any device you purchase. If it is remotely accessible, disable this feature if it isn’t required
4. Change any default passwords to something only you know. A long combination of letters, numbers and symbols will generate a strong password.
5. Check the manufacturer’s website to see if there are updates to the device’s software. If security vulnerabilities are discovered, manufacturers will often patch them in new updates to the software. PATCHING IS EVERYTHING

What Is The Best Example Day-To-Day Example of A Device That Poses A Risk To Our Data and Privacy? 

The ATM, whether it is operated from North America, Europe, Africa, South-America, Asia or Australia; the majority is operated on a Windows XP platform. Microsoft announced that by April 8th 2014 it will stop releasing security patches. There are an estimated 3.000.000 ATM’s in the world!

Read the full article here

4 Ways To Increase Password Security for SMB's

gigaom.com

Passwords are the weak link for companies of all sizes, but many small and midsize businesses (SMBs) rely on their workers to make the right choice in selecting strong passwords.

While establishing a password policy and educating workers are good first steps, they are not sufficient to convince users to select good passwords.

SMBs frequently inherit their employees' selection of passwords, and while three-quarters of workers choose passwords for security, they also compromise to more efficiently gain access to their accounts.

"A business is only as strong as its weakest link, or weakest password connected to that business, whether belonging to a customer, partner or employee," CSID stated in the report.

Here are 4 Ways for businesses to increase password security

Mozakdesign.com

1. Create visibility
SMBs generally have no idea the strength of the passwords that their employees are using on internal systems, whether they are reusing the passwords on external services or how many different passwords they have. The first step for businesses to gain visibility should be to adopt a central system for managing employees credentials, whether a password-management service in the cloud or full identity and access management (IAM) solution.

Without such a system, companies will be blind as to the degree of risk they have, LastPass's Siegrist says.
"The scary thing is that most people don't know any better, so if you don't have any tools or procedures in place, you just have no shot of getting to a safe place," he says.

LastPass for instance, gives each employee's account a security score based on their currently stored passwords. While company administrators cannot access the passwords themselves, they can discover when a worker is not following policy.

2. Centralize password management
Even for companies that do not need a full IAM system, the centralized management of employees' passwords goes beyond just gaining insight into workers' password habits. Companies that have administrative control over their employees' accounts can add new workers and delete old ones who no longer work at the firm, heading off the risk from disgruntled employees.

"As companies grow, even to 50 or 100 users, tracking where they've added users have added accounts into different applications not only becomes a burdensome process, but can also become expensive," says Patrick Harding, chief technology officer of Ping Identity, a cloud identity provider.

Ping's product eliminates passwords for many cloud applications by using a single sign-on approach that replaces passwords with Security Assertion Markup Language (SAML) to securely access online accounts.

Liebsoft.com

3. Pick a single entry point
In addition to centralizing the administration of the identity storage, companies can benefit from simplifying a user's need to enter in a credential to a single login event. By limiting the number of times a user has to enter in a password, companies can make their workers more efficient and focus on a single channel to secure, Harding says.

"If you only have to authenticate once a day, make that authentication stronger than a password, even a strong password," he says.

Using two-factor authentication for an e-mail account can double as the log-in credentials for the single sign-on system.

4. Change employee behavior
Finally, companies should use any improvements in their management of passwords to educate them about good passwords selection, LastPass's Siegrist says. When employees reuse a password, remind them of company policy against reuse. If workers have not updated old passwords, then remind them to do so, he says.

"You can set policies to perfectly customize how safe you want your employees to be, and know that they are doing it,"Siegrist says.