The basics of IoT, the security issues both personal and within businesses. These slides cover the basics of what IT and Business professionals should know when considering working with Cloud Computing and IoT devices.

1. Internet of Things and the Implications on Business
Information Technology Architecture and Security
Denise E. Ferniza
denise.ferniza@gmail.com

2. Agenda
• Defining the Internet of Things (IoT)
• Integration of IoT
• Security Risks of IoT
• Benefits of Cloud Computing in Business
• Risks of Cloud Computing in Regards to IoT
• Significance of Research
• Conclusion
• Proposed Further Study
• References
2

3. Defining the Internet of Things (IOT)
• IoT refers to an object that is connected to the Internet
and has the following unique properties (Yashaswini,
2017)
– Assigned a unique IP address
– Can collect and transfer data
– Does not require human to machine interaction
3

4. Defining the Internet of Things (IOT)
• IoT consists of four layers, each layer has different
applications and assigned roles (Pai, 2018)
• IoT consists of four layers:
– Perception layer
– Network layer
– Support later
– Application layer (Yashaswini, 2017)
4

5. Defining the Internet of Things (IOT)
• IoT has been around since before 2000, but did not gain
mainstream popularity until around 2010 (Gilchrist,
2017)
• There were approximately 2.6 million IoT devices as of
2016, which was an increase of 30% from 2015
(Alrawais, 2017)
• 5.5 million devices are projected to join IoT a day
(Gilchrist, 2017)
5

6. Integration of IoT
• IoT involves wireless sensor networks,
cloud computing, analytical data,
interactive technologies, and smart
devices (Tweneboah-Koduah, 2017;
Alrawais, 2017)
6

7. Integration of IoT
• IoT is being used across a variety of areas
including
– Smart homes, cities
– Smart energy
– Transport
– Healthcare
– Retail
– Manufacturing (Tweneboah-Koduah,
2017; Yashaswini, 2017)
7

8. Security Risks of IoT
• Each layer of IoT poses its own risk (Yashaswini, 2017)
IoT Layer Application Support Network Perception
Security Weakness
(countermeasure)
Privacy and
authentication(end-to-end
encryption, privacy
protection)
ID of Malware (secure
communication, cloud
computing, antivirus)
CIA (Certification, hop-by
hop, data encryption)
Authentication
(certification and
access control)
8

9. Security Risks of IoT
• Most consumers value convenience over security (Gilchrist,
2017)
• Getting users to understand threats of IoT devices (Schneier,
2013)
• Most products are plug and play, and left in default settings
allowing easy access by unauthorized users (Moos, 2017)
– www.insecam.org demonstrates the seriousness of leaving default
settings
– There are thousands of security cameras that have default settings
allowing anyone to view the image 9

10. Security Risks of IoT
• Lack of regulation of IoT security protocols (Schneier, 2013)
• Computational abilities of IoT devices is low, making it harder to
apply meaningful security (Yashaswini, 2017)
• IoT are particularly vulnerable to wireless scrambling,
eavesdropping, man-in-the-middle attacks, message modification,
and injection attacks (Tweneboah-Koduah, 2017)
• Other Device Manufacturers (ODM)
– Includes software, and firmware
– ODM often uses embedded Linux that has outdated and flawed code
– Software is recycled, providing easy access for hackers (Gilchrist, 2017)
10

11. Security Risks of IoT
• Malicious attackers can use IoT devices to conduct DDoS
attacks (Cho, 2018)
– The infamous Mirai Botnet brought down most of the Internet on the
East Coast of United States by utilizing the processing power of
unsecured IoT devices
11

12. Benefits of Cloud Computing in Business
• Cloud Computing will likely be a key
solution to
– Data analytics
– Storage
– Information Diffusion
– IoT data receiver, storage, analytics,
and interpretation (Tweneboah-
Koduah, 2017)
12

13. Benefits of Cloud Computing in Business
• Cloud Computing is Internet based and
shares hardware, software, and
information (Li, 2011)
• Cloud Computing increases scope of
IT service and efficiency while
limiting operational costs and
encouraging collaboration
13

14. Benefits of Cloud Computing in Business
• Mircosoft Azure IoT Suite allows
businesses to quickly develop and
integrate IoT applications via cloud
computing (Chatham, 2015)
• Collaborations across various other IT
companies such as Texas Instruments are
making strides for easier, and safer cloud
computing and IoT application (Alrawais,
2017)
14

15. Risks of Cloud Computing in Regards to IoT
• Cloud computing is growing stagnant in businesses due to the
following security concerns: (Carter, 2015)
– Malicious code is increasingly being hidden in SSL/TLS
and is no longer a safe option for cloud computing
– Eavesdropping, hacks into traffic over networks
– Rogue Firmware is a major threat to IoT and cloud
computing
– Backdoors, many IoT devices are susceptible to backdoor
attacks which in turn can allow hackers to gain access to
the cloud and sensitive date
15

16. Risks of Cloud Computing in Regards to IoT
• Manufacturers leave address paths open to troubleshoot,
but these address paths are often identified easily.
• IoT devices attacked rose 9050% from 2012 to 2016
(Cho, 2018)
• Privacy leakage in IoT due to the resource constraints of
most products (Alrawais, 2017)
• IoT – Cloud integration faces application service attacks
as well as privacy, trust, identity, and standardization
challenges (Tweneboah-Koduah, 2017)
16

17. Risks of Cloud Computing in Regards to IoT
• The use of Cloud computing and IoT needs to be
addressed holistically
• Before using Cloud Computing or IoT business/IT
alignment with the Information System goals need to
be considered (Li, 2011)
17

18. Significance of Research
18
• Utilizing Cloud Computing, within the
perimeters of an IS goal can help businesses
achieve efficiency and lower operating costs
(Li, 2011)
• Correct configurations of firewalls and
implementing multi-layered security are
instrumental in ensuring security on IoT
devices (Moos, 2017)
• Utilize root of trust systems such as
Microsoft Azure (NASDAQ, 2017)
• Increasing integration will increase security
by using pre-integrated software

19. Conclusion
• By 2020 there is estimated to be over 50 billion IoT
devices (Twenboah-Koduah, 2017)
• Business/IT alignment will play a major role in
sustainability, advantages, and growth of IoT and
Cloud Computing (Carter, 2015)
• IT must be committed to alignment and furthering
businesses processes
19

20. Conclusion
• Poorly designed, and outdate devices play a key factor in
the vulnerability of IoT
• System applications, firmware, hardware, and software
vulnerabilities are a direct result of the layered nature of
IoT (Twenboah-Koduah, 2017)
• Consumers, especially influential ones, need to insist on
minimum security standards (Schneier, 2013)
• Ensure that IoT complies with CIA trends and
incorporates security architecture from ISO Protocol (Pai,
2018) 20

21. Proposed Further Study
• Further study should be conducted into:
– ways to rate, and secure IoT devices in a
meaningful way to users (Gilchrist, 2017)
– Ensuring and certifying design and
implementation of IoT devices
(Tweneboah-Koduah, 2017)
– Ways to more efficiently install and
network IoT devices
– Ways in which to make the end user more
educated on the nature of security
vulnerabilities on IoT devices (Gilchrist,
2017) 21

22. References
Alrawais, A., Abdulrahman, A., Chunqiang, H., & Xiuzhen, C. (2017). Fog Computing for the Internet of Things: Security and Privacy Issues.
IEEE Internet Computing, 21(2), pp. 34-42. Retrieved from https://ieeexplore-ieee-org.ezproxy1.apus.edu/document/7867732
Carter, S. (2015). Impact of cloud-based computing on business-information technology alignment in small businesses (Order No. 3718681).
Available from ProQuest Central; ProQuest Dissertations & Theses Global. (1712374897). Retrieved from https://search-proquest-
com.ezproxy1.apus.edu/docview/1712374897?accountid=8289
Chatham. (2015) Products in the news: Texas instruments collaborates with Microsoft to speed internet of things (IoT) development Retrieved
from https://search-proquest-com.ezproxy1.apus.edu/docview/1718352769?accountid=8289
Cho, S. (2018). System Hardening and Security Monitoring for IoT Devices to Mitigate IoT Security Vulnerabilities and Threats. KSII
Transactions on Internet and Information Systems 12(2), pp. 906-920.
Li, Q. (2011). Towards the Business-Information Technology Alignment in Cloud Computing Environment: An Approach based on
collaboration points and agents. International Journal of Computer Integrated Manufacturing 24(11), pp. 1038-1057.
Moos, J. (2017). IoT, Malware and Security. ITNOW 59(1), pp. 28-29.
22

23. NASDAQ. (2017). Micron and Microsoft announce collaboration to help improve internet of things security. NASDAQ OMX's News Release
Distribution Channel Retrieved from https://search-proquest-com.ezproxy2.apus.edu/docview/1891004823?accountid=8289
Pai, V. (2018). Survey on IoT Security Issues and Security Protocols. International Journal of Computer Applications 180(42), pp. 16-21.
Retrieved from https://www.ijcaonline.org/archives/volume180/number42/29411-2018917108
Schneier, B. (2013). IoT Security: What’s Plan B? IEEE Security & Privacy 15(5), pp. 96-97 Retrieved from https://ieeexplore-ieee-
org.ezproxy1.apus.edu/document/8055681
Tweneboah-Koduah, S. (2017). Cyber Security Threats to IoT Applications and Service Domains. Wireless Personal Communications 95(1), pp.
169-185.
Yashaswini, J. (2017). A Review on IoT Security Issues and Countermeasures. Oriental Journal of Computer Science and Technology 10(2), pp.
454-459. Retrieved from http://www.computerscijournal.org/toc/?vol=10&no=2
23