This page contains a Flash digital edition of a book.
THE BACK PAGE SECURITY UNDER A CLOUD?


R


ecent


high-profile cyberattacks and ransomware


threats have spurred discussion about the gaps in Internet of Things’ (IoT) security.Monica Brink, EMEA Marketing Director of Iland, is arguing that unless the security side of IoT is sorted out, it could hold back wider adoption of the technology. The IoT is already branching out into commercial


networks as well as industrial applications.While it is easy to get excited about all the new gadgets that the IoT has delivered, wemust take a step back and consider security. And IoT devices are often deployed with little or no consideration for security. Are the right securitymeasures being taken,


particularly by organisations which need to protect business-critical and sensitive data? Recent distributed denial-of-service (DDoS) attacks, such as that experienced by the DNS provider, Dyn – whichmade it impossible to access the likes of Twitter, Amazon and Netflix – should be a serious wake-up call. In its early days, theWorldWideWeb brought


with it little protection frommisuse. This, of course, generated consumer distrust, consequently slowing down initial e-commerce efforts. But e-commerce now represents around 15 per cent of UK retail sales. This is because data encryption and other


securitymeasures are simply assumed. People no longer fear sending their credit card information


56 /// Environmental Engineering /// December 2016


over the wire. This echoes the


initial response to the cloud, which saw low user adoption for the first few years due to security worries around the safety of the data being stored offsite. But by the beginning of


2016, according to the Cloud Industry Forum, the UK Cloud adoption rate had


climbed to 84 per cent. Most IoT devices hacked to date have had default


usernames and passwords, and at no point had the manufacturers prompted users to change these. Increasingly, hackers are able to usemalware software to scour the web for devices that have basic security and detect vulnerabilities. This enables the hackers to uploadmalicious code so that the devices can be used to attack a targeted website. Without knowing which devices exchange data


within a specific network or the Internet as a whole, there is no way to develop an adequate security strategy. In theory, every single device that is being added to a network needs to be evaluated. And this is just as painstaking as it sounds. Whether it is the IoT or the cloud, companies


need to begin using security technologies and procedures that have already been proven to be reliable. Thismeans applying on-premise levels of IT security to cloud workloads. For example, two- factor authentication, role-based access control, encryption, and vulnerability scanning can enable a protective shield for the cloud to scan all incoming and outgoing data formalicious code, regardless of the device being used. EE


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60