What is IoT security (Internet of Things security)? - Definition from WhatIs.com


IoT security (Internet of Things security)

Part of the Network security glossary:

IoT security is the area of endeavor concerned with safeguarding connected devices and networks in the Internet of things (IoT).

The Internet of Things involves the increasing prevalence of objects and entities – known, in this context as things -- provided with unique identifiers and the ability to automatically transfer data over a network. Much of the increase in IoT communication comes from computing devices and embedded sensor systems used in industrial machine-to-machine (M2M) communication, smart energy grids, home and building automation, vehicle to vehicle communication and wearable computing devices.

The main problem is that because the idea of networking appliances and other objects is relatively new, security has not always been considered in product design.  IoT products are often sold with old and unpatched embedded operating systems and software. Furthermore, purchasers often fail to change the default passwords on smart devices -- or if they do change them, fail to select sufficiently strong passwords. To improve security, an IoT device that needs to be directly accessible over the Internet, should be segmented into its own network and have network access restricted. The network segment should then be monitored to identify potential anomalous traffic, and action should be taken if there is a problem.

Security experts have warned of the potential risk of large numbers of unsecured devices connecting to the Internet since the IoT concept was first proposed in the late 1990s. In December of 2013, a researcher at Proofpoint, an enterprise security firm, discovered the first IoT botnet. According to Proofpoint, more than 25 percent of the botnet was made up of devices other than computers, including smart TVs, baby monitors and other household appliances.

Alan Grau of Icon Labs discusses IoT security:

This was last updated in September 2015
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms


  • going dark

    - The going dark problem, as described by the FBI, is the Bureau’s inability to access legally intercepted communications and information because of the encryption technologies used for data privacy ... (WhatIs.com)

  • threat actor

    - A threat actor is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- the security of an organization. (WhatIs.com)

  • threat intelligence service (TI service)

    - A threat intelligence service (TI service) is a provider of information about current or emerging threats that could negatively impact the security of a customer’s organization. (WhatIs.com)


  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.