Definition

IoT security (Internet of Things security)

Part of the Network security glossary:

IoT security is the area of endeavor concerned with safeguarding connected devices and networks in the Internet of things (IoT).

The Internet of things involves the increasing prevalence of objects and entities – known, in this context as things -- provided with embedded systemsunique identifiers and the ability to automatically transfer data over a network. Much of the increase consists of devices other than computers, like household appliances, smart TVs and hardware components.

The main problem is that because the idea of networking appliances and other objects is relatively new, security has not traditionally been considered in product design.  Products are often sold with old and unpatched embedded operating systems and software. Furthermore, purchasers often fail to change the default passwords on devices -- or if they do change them, fail to select sufficiently strong passwords.

Security experts have warned of the potential risk of large numbers of unsecured devices connecting to the Internet since the IoT concept was first proposed in the late 1990s. In December of 2013, a researcher at Proofpoint, an enterprise security firm, discovered the first IoT botnet. According to Proofpoint, more than 25 percent of the botnet was made up of devices other than computers, including smart TVs, a refrigerator and other household appliances.

Alan Grau of Icon Labs discusses IoT security:

This was last updated in January 2014
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • firewall

    - A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules. (SearchSecurity.com)

  • digital signature

    - A digital signature (not to be confused with a digital certificate) is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document. (SearchSecurity.com)

  • social engineering

    - Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. (SearchSecurity.com)

Glossaries

  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.