To many, it may seem like something smoky and not very current; in fact, it is likely that many of us already have one or more products belonging to the IoT world at home or in the office. Understanding the Internet of Things is very simple: thanks to it, objects unable to communicate with users, with other devices or “with the network” can become intelligent, at least in a broad sense.
Thanks to one or more network interfaces, data can be accessed remotely and manageable without being physically on-site. The IoT device may also interact with other devices and “make decisions” based on the user’s instructions or habits.
What Are The Devices For The Internet Of Things?
A refrigerator capable of detecting the food stored in it, placing an order to the shopkeeper if something is missing or in any case to inform the user; an alarm clock that can turn into an intelligent object capable of ringing earlier if there is more traffic than usual on the roads; a pot that can alert the user when it is necessary to water the plants; the packaging of a drug that can automatically remind you when it’s time to take medicine; sneakers that can draw up a report of daily sports activity indicating average speeds, length of paths and itineraries followed are all examples of objects belonging to the IoT world.
Of course, some items for the Internet of Things may be tools designed only to increase the “vanity” of those who buy them. Many others, however, bring with them an intrinsic added value. IP cameras, thermostats, smart doorbells, “smart” lighting systems, intelligent electrical sockets, wearable devices are just some examples of IoT products that bring high added value. The latest generation IP video camera can, for example, in addition to being remotely controllable, carry out a particular action when it detects the presence of a stranger in the area being monitored.
The most brilliant cameras are also equipped with facial recognition systems that can be activated to detect the presence of known or unknown subjects inside the building. There are intelligent doorbells that make your mobile phone ring if you are away from home so that you can answer whoever is in front of the door. Smart thermostats allow you to optimize energy consumption and automatically adapt to buyers’ habits and lifestyles.
Once installed, they can also be remotely controlled and report abnormal situations. Intelligent lighting systems can turn the lights on as soon as you approach the house and turn them off when you have already left. As mentioned, the various IoT products can interact with each other: the lighting system, for example, can be configured to turn on the lights when the IP cameras detect an unknown subject nearby.
How An IoT Device Works For The Internet Of Things
We have said that an IoT device uses the network connection to offer services. Usually, the IoT device connects to the local network, usually via Wi-Fi. The IoT device receives a private IP address from the router or the local DHCP server. To configure it, as with any network device, type its private IP in the browser’s address bar. Alternatively, to facilitate the management, the manufacturer generally provides an app that allows you to connect to the IoT device from the same LAN or remotely.
IoT And The Security Challenge
Devices always connected to the Internet, capable of carrying out potentially very delicate operations and used to process sensitive information, must necessarily be secure. If poorly designed or clumsily configured, IoT devices can prove to be a real thorn in the side for network administrators and the security of the LAN and data stored on servers and workstations.
The exploitation of vulnerabilities by attackers can effectively transform IoT devices that are misconfigured or have security bugs in the firmware into tools that can steal personal data and login credentials from systems connected to the LAN. In the presence of an IoT device, it is therefore suitable:
- Set access credentials to the IoT device, ensuring that the password chosen is sufficiently long and complex.
- Constantly update the firmware of the IoT device by periodically checking for the availability of new versions.
- Never lose control over the devices connected to the LAN (an inventory should be made).
- Disable UPnP support on the router.
- Always carefully examine the access control lists by verifying how many and which accounts are present. Check that there are no hidden administrative accounts.
- Check if it was necessary to open an incoming port on the router and forward the data to access the IoT device. If so, check that it is required to do this and, where possible, limit the connection to specific public IP addresses.
- If the device allows cloud access, check here that you have set an adequately long and complex password.
- Separate the IoT devices as much as possible from the rest of the LAN. A good solution is to use a switch that supports VLANs.