Home » News » Internet of things: the future of prevention data

Internet of things: the future of prevention data

30 de December de 2014, by , Posted in News, 0 Comment

Recently, an international event of access to images generated by private camera video surveillance security systems showed how much we are vulnerable to hacker attacks due to the use of default passwords on devices. Cameras that allow users to have remote access are that give rise to the breach because it can be accessed from the Internet. The case has proved that Internet devices may include not only a privacy problem as well as data security. Images can be used to blackmail people – only in Brazil, more than two hundred cameras were invaded.

Public cameras located in the same network as your private computer or wireless devices allow the bad guys have access to your network. There are few places I know of that have network architectures that restrict access (known as VLANs). In a private residence is difficult for the average user to understand what is available from the Internet – it just plug it in and start navigating.

Many technologies, such as devices for affordable smartphones in the cloud and the Plug and Play, so common today, go right through firewalls. You must choose whether or not the transmission of private images is open to the world – with minimal work on Google and various databases, it’s easy to find out where this camera is installed and who lives in the house.

There is an Internet technology component of Things or Internet of Things (IoT), in English, which is not being addressed. Called small business or home network SOHO. The basic is that a pattern of your router or gateway are accessing the Internet or is potentially accessible through the Internet – and this has to stop. There is no reason for their private images are accessible to Internet criminals. You can protect these images with two-factor authentication – encryption via SSL or VPN technology – or some other type of secure application. Put anything directly on the Internet is an entirely bad idea. The monitoring platform managed MAX RemoteManagement of MAXfocus uses IP whitelist and an option for authentication 2FA.

This is the point and I am not a shareholder in a switching management company, but MSPs (managed service providers or managed service providers) need to understand VLANs and 802.1X. Just a few devices that do not need to be on the Internet and some who need limited Internet access. Modern small business network or home need a managed switch to deploy these technologies. It can be complex and you may need a nerd to deploy it and may involve certificates and encryption, and unless you have a research lab (which is the need of the MSP), you can not get it to work properly.

The idea is that you need to control what is outside your network and what is trying to invade it. If you have a smart meter in your home that need to connect with the power company, it should be on a separate network that only has access to the IP address on the Internet. It should not be on the same network as your home system or air conditioning or heating temperature control of your pool. This is simple to understand: a vulnerability in its digital video recorder should not end up completely compromise the iPad his daughter. This is what happens when a vulnerable device is placed on the same network with all the rest.

The Internet of Things will complicate the security environment at home, in business and in your daily commute. The concern of security managers is to Web servers, especially by different devices that have weak or default passwords. Unfortunately, many devices do not even require you to enter a unique password while logged, making room to cybers criminals.

The more devices with weak settings are added in the networks, the greater the vulnerability. Many wireless devices can guess passwords that give administrative access. Take, for example, a cybercrime module called Win32 / RBrute. It looks for default passwords on routers and access points from more than a dozen models. If he successfully logs on a router, it changes the default DNS (Domain Name System) for something malicious, such as fraud or access to other infected websites. This type of attack does not depend on the security of your computer, is a network attack layer, difficult to detect and very difficult to remove.

In the last four months, there were constant attacks on web servers as Heart Bleed and ShellShock, demonstrating the vulnerability of these embedded devices, forcing factories to produce patches for hundreds of thousands of devices. Many people believe that if your device is not exposed to the Internet, they have nothing to worry about. This could not be more worrying. Advanced malware seek exploitable devices within the network and end up finding a way to communicate with the criminals, since they already infected a device.

So, what are some tips to prevent?

  1. Register your device – manufacturers can better notify customers of security vulnerabilities.
  2. Repair and upgrade your device.
  3. Turn off unnecessary features – many devices come with “apps” and an abnormal amount of services.
  4. Change the default password – if your id or administrator password is discovered, you will have problems.
  5. Use the security features – some devices have lock-out capacity after attempts at stealing passwords and even built-in antivirus.
  6. Read reviews on the device you are looking to buy – take a good look at the reviews. If one mentions lack of security, it may be worth choosing another option.
  7. Monitor your device – performance metrics, activity logs and reports are important tools in the detection of compromised devices.

Full article: http://corporate.canaltech.com.br





Comments are closed.

Pesquisa

Testimonial

  • We are customers of SCM Concept since birth. Company that always provides the best solutions, combining logistics concepts our needs.

    Jean M. Weiss

    Systems analyst





    Condor S.A

  • We decided to implement our warehouse management system with the SCM team considering his vast knowledge on the subject and the high capacity of project management. Able to implement the project in a timely manner which ensured the success expected with a high degree of satisfaction … Homologamos SCM as our solutions provider for WMS.

    Mota Fernandes

    Manager T.I





    Tintas Iquine

  • The WMS is a key tool for the success of our operations. The SCM has become a strategic partner for Cadence, assist us in using this tool in the search for new technologies and process improvement. With a qualified team, the SCM has the distinction market your commitment to the customer, providing an agile and effective.

    Helvécio Rodolfo Deitos

    Manager T.I.





    Cadence

  • The WMS system implemented with the help of consulting SCM is being very important for our company Accumulators Moura S A.

    We have two distinct moments in the management of productive stocks, one before and one after the WMS.

    Currently we can control the level of inventory of supplies more effectively. We had gains in inventory, we increased warehouse productivity, increased reliability and consequently improve the care of our customer. Because the system allows dynamic addressing, reduce the possibility of increased building area to control the materials, ie, reduced potential investments in new buildings.

    Francisco Carlos Arrais Silva

    Supervisor of Materials





    Acumuladores Moura S.A