The document discusses security challenges with Internet of Things (IoT) devices and solutions to improve IoT security. It outlines that IoT systems connect various devices to networks, but many current devices have weaknesses like default passwords, vulnerabilities in protocols, and lack of updates. This can enable attacks like denial of service, data theft, and device compromise. The document recommends manufacturers implement security features like access control, authentication, encryption and that users isolate devices, change passwords, and keep software updated to safeguard IoT systems and the data they generate.

1. Internet of Things
- Security Challenges
Mathews Job

2. Contents
 IoT- Internet of Things
 Essential Components
 Security Challenges with IoT
 Security recommendation for IoT manufacturers
 Business challenges for Insecure IoT
 Solutions to make IoT Secure
 IoT Risks
 IoT Safeguards

3. Internet of Things
 Internet
 Network of interconnected computer networks
 Thing
 An object not precisely identifiable.
 Internet of Things
 network of interconnected objects uniquely addressable

4. Examples of IoT devices.
 Automatic security systems like fire alarms , Wi-Fi cameras
 Automatic device which controls your electrical systems
 Medical equipment like Wi-Fi enabled heart monitors or insulin dispensers
 Smart watches or human wearable devices
 Automated lighting or air conditioning systems
 Smart refrigerators, TVs, Printers , scanners
 Cell phone controls systems like music systems , microwaves , Air conditioners
 Utility monitoring systems like energy , water , food supply and Fuel systems

7. What do you think ? Is IoT Safe ?
 Intruders can analyse dynamic data
 Track data belongs to individual or organization
 Greater the volume of sensitive data, greater is the risk of data

8. Essential Components
Mainly Three Categories
 Wireless Sensor Network
 IoT Gateway
 Storage , Analysis and Presentation

9. Security Challenges with IoT
 Denial of service attacks (Dos / DDos)
 Resources are not available to users
 Sensor cloning , Substitution and firmware replacement
 Identical copy of sensors
 Replacement of sensors
 Network attacks
 Eavesdropping
 Data tampering
 Traffic Analysis
 Impersonation and camouflage

11. Security recommendation for IOT
Manufactures
 Remote Management System (RMS)
 Security Service Framework (SSF)
 Key Management Server (KMS)
 PKI Servers
 Security Service App
 Security Service Agent
 Security Service API
 Security Cardlet for Secure Elements

12. Business Challenges for Insecure IoT
 Distributed Denial of Service Attacks
 Lacking effective device security mechanism
 Knowing possibilities of vulnerabilities
 Identifying and Implementing security controls
 Insecure device software
 Wi-Fi enabled device connected to LAN without proper security
 Replication
 Protection of data
 Lack of Long Term Support

13. Secured IoT –
Solutions to make IoT Secure
 Enforce security from beginning
 Long-term support/updates
 Secure access control and device authentication
 Know your enemy
 Prepare for security breaches

14. Secured IoT –
Solutions to make IoT Secure
 Secure channel and reliable data
 Access control and authorization schemes
 Authentication schemes and Cryptographic data
protection

15. IoT Risks
 Vulnerabity of Universal Plug and Play (UPnP) protocol.
 Use of default vendor password by users which normally users do not
change.
 Denial of service attack on these devices and making them in operable.
 Compromising IoT device to harm the user
 Compromising the integrity of business operational processes
 Unsecured or unhardened IoT device

17. IoT safeguards
 Isolate IoT devices from secured network
 Disable UPnP on routers
 Choose appropriate IoT device based on its purpose
 Purchase IoT devices from well-known manufactures
 Keep the IoT devices patched up to date
 Change default passwords and have strong passwords
 Use current best practices while connecting IoT devices to network
 User awareness on IoT devices and related threats

18. Thank you

19. References
1. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/02/24/s
ecuring-internet-things
2. https://securitycommunity.tcs.com/infosecsoapbox/articles/2015/09/14/i
ot-%E2%80%93-handle-care
3. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/02/22/h
ow-secure-internet-things
4. https://www.toptal.com/it/are-we-creating-an-insecure-internet-of-
things
5. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/07/06/i
nternet-things-iot-%E2%80%93-security-challenges
6. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/02/22/i
nternet-things-more-we-connect-more-we-grow