BLUE LABEL WEEKLY MAGAZINE IS ABOUT ONLINE MARKETING, INCLUDING INBOUND MARKETING, CONTENT MARKETING, GROWTH-DRIVEN DESIGN, INBOUND SALES, ARTIFICIAL INTELLIGENCE, BLOCKCHAIN CONSULTING, IoT(Internet of Things) Consulting, GDPR CONSULTING, AND STRIVES TO ENSURE YOUR SUCCESS!
The future is unfolding now, as smarter devices using machine learning and artificial
intelligence are being created every day and permeating every facets of our lives as they are increasingly becoming part of the mainstream electronics culture. Smart devices are quickly being incorporated into smart homes faster than ever. It’s already been predicted that, by 2020, there will be over 20 billion smart devices connected. IoT devices are already a huge part of how we interact with our vehicles, homes, appliances, and beyond….
Evidencing that IoT is taking off rapidly, Target operates a store in San Francisco that sells IoT devices exclusively. Likewise, there is big money in the IoT space currently, and it will only continue to grow as technology improves.
The collection of data by IoT devices will encourage the creation of even smarter ones. Municipal connected IoT devices, including smart traffic lights that utilize data to sync lights, are transforming cities into smart cities. Other smart IoT devices are improving cities’ overall efficiency and saving municipal governments money as everything can be remotely managed. Smart homes are currently using smart thermostats, lighting systems and coffee makers that collect data on occupants’ habits and patterns of usage to facilitate machine learning toward enabling efficiency.
Keeping These Devices Secure
With all these IoT devices connected, end-to-end security can present a real challenge. The best answer, however, is to utilize a security solution that not only provides end-to-end security but also encrypts the message all the way through.
Thus, devices with encryption keys that can decrypt the encrypted data, as it’s sent and received, are ideal. These devices also enable you to wrap the message body and leave all the actionable data in TLS. Whereas actionable data ought to be simple data like temperature information. Likewise, all inbound ports should remain closed at all costs to prevent your IoT devices from being open to vulnerabilities and DDOS attacks. Configuring devices for outward connections to only make outbound connections will keep the door closed and prevent applications access as well as access to services behind the open ports. The outward connection can be left open so the device can listen in with a secure tunnel back from the network.
The Publish-Subscribe Paradigm is A Great Solution to Many IoT Issues
Using the Publish-Subscribe model with protocols like MQTT, Websockets, or Streaming HTTP to send data on a small scale, ensures connection security to be secure but only works on a small scale. Utilizing such model, the publisher is given a write token and the subscriber a read token, and each token can be revoked at any time and tokens can also have an expiry. In addition, tokens can be set to work with only certain datastream (in this case channel names) so you can have control over what goes in and out of your network.
Utilizing solutions like PubNub help keep globally (large-scale )secure networks running as it also supports secure message delivery among devices. No need to setup your own servers no custom code(s) needed in order to communicate with your backend.
The key to a successful IoT project is to make provisioning incredibly fast and ensure that the entire user experience seamless.
The key characteristics that make IoT devices work include sensors for data acquisition and monitoring as well as actuators – the physical interface – to control the thing(s)( a smart thermostat, the dimmer switch in a smart light bulb, or the gear motors in a robotic vacuum cleaner ) as well as data processing and storage.
Moreover, IoT devices are also equipped to process sensor data, store that data locally, and provide the computing power that makes the device operate.
Having IoT devices both at home and on your corporate network means that your devices are widely exposed to malware attacks. In fact, your devices might have already been attacked or compromised while you not aware of it. By modifying your firewall to enable port-forwarding to allow your devices to be conveniently accessed from anywhere on the internet to monitor and control them, they are widely exposed to the internet.
Many IoT home security devices tested were found to have substantial vulnerabilities, including weak
passwords, lack of encryption when devices communicate over the network, as well as account enumeration (when using password reset feature to find valid user account IDs). All of the tested devices are likely to be a part of any smart home today: smart TVs, home thermostats, webcams, smart locks, and beyond.
The firmware and/or onboard software that runs an IoT device sit between the hardware and the outside world, and fall into one of two categories: embedded firmware or operating system-based (OS-based) firmware.
Many malware attacks are designed to test the defenses of the target by employing multiple attack vectors to exhaust all of its defenses in the process. Most of these attacks are characteristic of clever and resourceful hackers.
The attack vectors
Weak passwords and backdoors With some manufacturers emphasizing easy setup and use for end-users who are often not technically savvy, as well as their desire for automatic software upgrade and support, they provide some simple way to login to the device, like a single userid/password combination. Often times, these users leave the device’s login credentials unchanged.
Unfortunately, security features like encryption that is able to secure data over the network are often overlooked or not even considered by some manufactures. Likewise, many IoT devices do not support encryption.
Being on the Internet and accepting incoming traffic, devices are exposed and will come under attack. Most IoT devices already have little or no security and are particularly susceptible to attack.
As it sounds, a scan and takeover attack is comprised of two phases: the scan and takeover phase and
the attack launch phase, which are executed by a Command and Control (CNC) program. After the IoT device attack, the device is taken over and bent to the hacker’s will.
The CNC program is a malicious program that scans IP addresses on the internet looking for hosts with
open ports, and attempts to log in using a set of known default userid/password combinations (for
example, admin/admin, root/admin, user/user, and so forth), if a port is found open. If successful, a script runs and reports the device’s IP address, along with the login credentials to use and, subsequently, pushes the malware to the device that it needs to run the attack. The device is now controlled and awaits for the actual attack to take place.
While the device(s) owner is unaware of what is going on, the attack continues as other devices are taken over and referred to as bots. These types of attacks usually cause either DDos attacks (crippling the target host(s) by sending it/them so much HTTP (and other) traffic it/they cannot handle)) or spam bots.
Always change default passwords When you provision a new device, go into the management interface and change the password. If there is not a way to do this, and you plan to expose the device to the internet, consider using a device that allows you to. Likewise, remove devices with telnet backdoors.
Run regular port scans on all your devices There are multiple scanners out there that can enable you to run the tools yourself.
( For assistance, please contact us InternetOfThings@Bluelabelweekly.com )
Published by: Blue Label Weekly Magazine | [ Website ]
Answering consumer needs increasingly means helping them easily procure the items they want and at desirable discounts. Analytics derived from in-store IoT technology can enable grocery stores to instantly target promotions to opted-in customers and increase sales without the creep factor.
With expiration dates being a heavy burden on grocery stores, keeping a tight focus on moving goods out the doors takes center stage. To help spur purchases, grocery stores have to resort to the old strategies of sales and discounts. Likewise, close to 60 percent of grocery shoppers suggest they would buy more if given coupons as a healthy 30 percent are currently using grocery store’s app to get better deals, discounts and price comparisons.
Personalizing ads for and connecting with the customers who are most likely to take advantage of special sales and/or coupon campaigns at the right time can make a huge difference.
That said, combining in-store IoT offerings with analytics, detailed consumer data, beacons, radio-frequency identification (RFID), Wi-Fi as well as CRM can help cast discounting and other time-sensitive marketing campaigns info to customers, thereby, provide a viable solution. To make this possible, customers opt-in by signing up with the store’s app, allowing the retailer to send promotions via notifications or SMS messages and detect where they are in the store. Likewise, retailers can utilize proximity marketing along with in-store digital displays to feature personalized promotional offers as participating consumers approach.
Although some consumers are wary of privacy violations, a great percentage (70 % )of them is generally willing to trade information in exchange for valuable service (discounts, special access, events, services.) With privacy concerned addressed, info ( consumers’ purchasing histories, browsing behaviors, neighborhoods, birthdays and household income ranges, among other factors ) collected on these customers can be analyzed in order to extract actionable insights that can further be used to target the right customers.
Designing for the Internet of Things (IoT) also entails effectively provisioning for
connected products to work effectually. Every IoT systems incorporates physical ( devices, sensors, gateways,, etc….) as well as digital components( data extraction and secured communication, cloud servers, analytics, and dashboards) that collect data from physical devices and deliver actionable, operational insights.
As all the components need to be designed and their interdependencies fully accounted for, the core challenge for product and engineering teams designing IoT systems is turning IoT use cases into an actual connected system with full integration, the appropriate communication protocols, security, and a user-friendly look and feel.
Four Core Requirements
Interoperability Interoperability of connected system, as a core requirement, involves sensors, devices, equipment, and sites, to communicate and exchange data.
Record Keeping/Information transparency The continuous bridging between the physical and digital worlds the recording and virtual storing of physical processes .
Technical Assistance A driving benefit of IoT, “technical assistance” is the ability of connected systems to provide and display data that helps people with making better operational decisions and solving issues faster. Additionally, IoT-enabled devices must be designed to assist people in laborious tasks toward improving productivity and safety.
Connected system must go beyond assisting and exchanging data; they must also be able to utilized defined logic to make decisions and execute requirements.
Design Complexity and Built-in Solutions
With design complexity bringing a wealth of additional challenges, including the risk of making errors that can be very costly if not caught at an early stage of the design and development process, teams can leverage built-in IoT simulators, not only to validate the design and ensure there are no gaps in the data flows or use cases, but also to visualize system behavior and mistake-proof the logic ahead of development.
IoT Design Platforms Must-have Features/Tools
Ensure that your IoT development platform feature “Visual Modeling” and “ IoT Simulation “ tools that support prompt and precise IoT design.
Visual IoT modeling provides a canvas to define the mechanics, electronics, data connectivity, analytics, and dashboards of the entire system. It enables teams to effortlessly utilize their existing CAD models to the full IoT model along with all its added technology layers and use cases.
IoT Simulation’s Two Benefits
IoT simulation enables teams to quickly and easily validate the IoT system design by leveraging the platform built-in digital prototype to visualize how connected devices, edge and cloud servers, web and mobile apps interact with each other when an event is triggered, and iteratively refine the model based on the simulation runs.
IoT analytics simulation ensures that all needed data sources are accounted for in the design prior to development, by providing teams with a means to visualize the in-market insights ( dashboards and alerts taken from their model ) their IoT system will deliver
Physical Design And Communication Protocol
Granted the physical design of the system forms an integrated intelligent system, a host of factors must be well provisioned for:
Industrial machines must have sensors capable of generating significantly more data than ever before, and to send the information securely for analysis and action.
Rugged sensors – able to function under extreme conditions – must be properly placed in the device.
Identifying and using the most appropriate communication protocol to usefor data integration
Simplifying the complexities that arise in the physical design process entails utilizing hybrid development platforms for design and delivery. These platforms ensure that the physical design attributes necessary for systems to properly function and communicate, are virtually represented in the system model.
Utilize a Lean and Agile Design Methodology
Overcoming the many challenges that IoT presents involves the utilization of a combination of tactics toward accelerating and ensuring efficiency as well as success throughout the design process.
The agile methodology streamlines the entire process, maximizes Stakeholders Investments, and delivers what is needed when it is needed and nothing more. Leveraging the visual modeling and virtual prototyping features, teams are able to easily simulate the system design, present it internally, iterate and reiterate.
Design thinking puts emphasis on a customer-centric approach that reinforces the notion that an IoT system is a business solution addressing specific user needs.
Transitioning to IoT Product Design
Although the technology layers involved in IoT design require new skill sets, nearly one third of companies today lack the required resources (ie, data integration know-how, web and mobile app development, data analytics, and security ) necessary to design and deliver IoT products.
Faced with this new reality, many companies source additional partners.