IS USING INTERNET SAFE?

Image
Many people surf the Internet as part of their work activities, others visit a wide range of pages to stay fully informed of the news in the world, perhaps simply to complement their educational training or to entertain themselves during leisure hours. But everyone wonders if it is really possible to surf safely on the internet and that is precisely what this article is about. What Is Internet Security? Within the operating rules and policies that are part of the management of the websites to which users have access, a series of parameters have been established in order to prevent and control unauthorized entry to the resources available within Internet. This is part of internet security and its goal is to maintain a level that allows users to enter each page without risks to their computer or the integrity of their personal information. Therefore, talking about security is having ways to prevent, protect and avoid unauthorized intrusion to private networks, such as corporate or ev...

INTERNET SECURITY IN IoT

In recent years, the rise of the Internet of Things (IoT) has been increasing worldwide, so it is necessary to reflect on the risks and opportunities of these new technologies, in addition to analyzing why the industry is like this as the users themselves, we become aware of the need for these practices.

Internet security in IoT
In this document they seek to coordinate the possible standardizations that are so well needed within this growing industry (IoT). The document begins with a definition about IoT made up of two concepts:

The IoT components are connected by a network that provides a relationship between them (using or not TCP / IP).

Some of its components are sensors or actuators that allow it to interact with the physical world.

The larger universe is known as an IoT environment that interacts with the IoT system, which in turn is made up of one or more components that interact with the physical world.

·       Cybersecurity and IoT areas are defined as:

·       Cryptographic techniques (Encryption, Digital Signature)

·       Cybersecurity incident management

·       Hardware assurance Identity and Access Management

·       Information security management systems

·       Security evaluations in IT systems

·       Network Security Automation and continuous monitoring

·       Software Assurance

·       Risk management in the supply chain

·       Systems Security Engineering.

Where there is the greatest need according to the document is in the security evaluation of IT systems, and Security in Telecommunication Networks, in the other areas there are standards although the implementation can be very slow or with little penetration in the industry. This document establishes the status within the IoT security industry, and is a great administrative advance, after the standardization comes a long phase of implementation within companies, devices that comply with UL 2900 (ANSI Standard) same as in accordance UL is about to be published and approved by the SCC of Canada for implementation, which are certified by the ZWave Alliance or by ICSA Labs.

One form of standardization is the creation of reference frameworks for IoT, and IoT Security, let's see an example of each: for the first case we have a reference framework from the Online Trust Alliance, known as the IoT Trust Framework, in the indicate that there are 6 items that should be taken into account as a requirement for "thing", these are: Cryptography, Communications, Authentication, Physical Security, Platform Security, Alerting and Logging, when commenting on these items we also see reflected the broad context of things, in security matters we can mention OWASP, who now has a section on IoT security, and generates a document about the attack surface areas of an IoT device, these are:

·       Ecosystem Access Control

·       Device physical memory

·       Device physical interfaces

·       Web interface

·       Firmware

·       Network Services

·       Administrative interface

·       Data stored locally

·       Cloud web interface

·       Third party APIs

·       Authentication mechanisms

·       Mobile apps

·       Manufacturer APIs

·       Communications ecosystem

·       Network Traffic

Comments

Popular posts from this blog

HOW TO STAY UP TO DATE ABOUT KEEPING DATA SAFE?

COMPANIES INTERNET SECURITY

IS USING INTERNET SAFE?