The Home Security - Internet Of Things Paradox
THE HOME SECURITY J INTERNET OF THINGS PARADOX Is home security really secure? It's a huge issue. Deficiencies include: 4.9B Gartner, Ins. forecasts > Authentication > Authorization > Cloud interfaces > Mobile interfaces > Privacy that 4.9 billion connected things will be in use in 2015, "things" in 2015 up 30 percent from 2014, and will reach 25 bollion by 2020. 100 % Unrestricted account enumeration: The ability to determine whether a s pecific account is valid on a system Weak password policy: The lack of a policy and/or the presence of a weak policy of home security systems tested were VULNERABLE to account harvesting Lack of account lockout mechanism: The failure to lock out an account after a certain number of failed access attempts Account harvesting is exacerbated when video access is granted to additional users such as family members or neighbors. TOP 5 VULNERABILITY CATEGORIES IDENTIFIED: Privacy (100%) - raised privacy concerns regarding the collection of names, 01 addresses, dates of birth, phone numbers, and even credit card numbers. Vdeo image leaks are also an area of concern Authorization (100%) - an attacker can use vulnerabilities such 02 as weak passwords, insecure password recovery mechanisms, and poorly protected credentials to gain access to a system. Insecure cloud (70%) cloud-based Web 03 interfaces exhibit account-enumeration concerns. 04 Insecure mobile (50%) have enumeration concerns with their mobile application interface Insecure software/fireware (60%) - 05 did not include obvious update capabilities Are you the only one monitoring your home? If video streaming is available through a cloud-based Web or mobile application interface, then video can be viewed by an internet-based attacker from hacked accounts anywhere in the world THREE ACTIONS TO MITIGATE RISK 12 13 Don't share account access withanyone outside your immediatefamily - and stress secure Include security in Avoid using system defaults foruser names and passwords whenever possible, and choosegood passwords, when the option is available feature considerations when evaluating potenial loT product purchases password practices with those who have access The Federal Trade Commission (FTC) recommends that loT device manufacturers incorporate security into the design of connected products. Golden Locksmith"
The Home Security - Internet Of Things Paradox
Source
Unknown. Add a sourceCategory
ComputersGet a Quote