Step 3: Eliminate the Use of Passwords
According to the Open Web Application Security Project (OWASP), a worldwide not-for-profit charitable organization focused on improving the security of software, "attackers use weak passwords, insecure password recovery mechanisms, poorly protected credentials or lack of granular access control to access a particular interface."
As the connected world expands, each layer of technology needs to incorporate identity to secure the object and its access.
Securing IoT requires a technology that is compatible with all devices, especially considering that some existing "dumb" devices can be made "intelligent," creating a mix of old and new machines running on disparate systems and technologies that must communicate.
Security must be open, scalable, and proven trustworthy. The solution lies in this equation:
Card + Cert + PIN
5 Recommendations to Secure the Internet of Things
5 Recommendations to Secure the Internet of Things
A reliance on passwords to prevent attackers from accessing systems, devices, and applications is outdated and ineffective. Attackers typically count on users implementing password-based security protocols, which opens the door to attacks — such as Trojan viruses, phishing, and man-in-the-middle — that take advantage of vulnerabilities. Attackers have evolved from simply wanting to achieve notoriety to becoming sophisticated thieves who steal personally identifiable information (PII) — such as financial and health care records and account numbers — to targeting the rapidly developing Internet of Things (IoT) market, where a hack becomes more personal and potentially life-threatening.
In this slideshow, Phil Montgomery, chief product officer at Identiv, will provide five recommendations to mitigate risk and maintain a strong security posture in this ever-growing connected world.
