IoT Security

The Challenge of Software Updates for Vulnerable IoT Devices

The Internet of Things (IoT) is emerging in every aspect of our lives, from home automation, factory automation to smart cities and public spaces. In an IoT network, the devices are continually sharing data, processing publish-subscribe sensor data, co-dependent tasks, optimizing solutions over the cloud.  Like other data sharing networks, the Internet of Things is susceptible to identity thefts, security breaches, and infiltration.

The security of an IoT network is only as good as the individual security features of edge devices in the network, i.e., the weakest link. If one device is compromised, all other devices on the network and the central system can be compromised. Since IoT requires mass installation of data collection sensors, the vulnerability in one of the devices can impact thousands of devices and ultimately your organization’s data. Numerous OEM manufacturers are involved in the production-supply chain of IoT devices and sensors. The vendors set the devices with default login and passwords. Next batches in the production also come with the same default login and password. After an IoT implementation, for home or work, the default login and password are never changed. These and other loopholes make IoT devices highly vulnerable to malicious attacks.

Many OEMs involved in the production of IoT devices lack deep expertise in embedded device, firmware and standards and protocols security. Even more disturbing is that from a profit maximization perspective, it doesn’t often make sense for IoT device and component manufacturers to make the necessary investment into securing their edge devices. Consequently, security is not made a priority. Such devices are susceptible to unencryption and interception attacks by hackers.

Software updates keep the new bugs, issues and security threats in check. Involvement of multiple companies at various production steps causes misalignment of incentives in providing software updates for IoT devices. Apart from that, most of IoT devices have low processing power and small memory which is just enough to perform the allocated tasks. IoT devices aren’t sophisticated enough to feature proper security standards and to deliver software updates via the Internet. Many IoT devices are too critical to stop the operation for software updates. Even if an IoT device is sophisticated enough to accommodate software updates and can afford to shut down for such updates, the intensive energy consumption will decrease its life span. These real-world conundrums faced by the industry and IoT device manufacturers.

IoT devices are built to last 15-20 years. Long lifecycle of IoT products makes it impossible to design a product that remains invulnerable over such long span of time. Frequent software and security updates and on-going customer support are expensive yet what are practical solutions to this problem plaguing the IoT industry? Post your comments below.

Achieve IoT Success
We understand the challenge of transforming an organization to embrace the Internet of Things. Let us help you increase your probability of success.

Contact Amyx+ for a free initial consultation.
About Amyx+ IoT Business Transformation | Strategy | Innovation | Product | Data Analytics
  • Voted Top IoT Influencer by Skyhook
  • Voted Top IoT Rockstar by HP Enterprise
  • Voted Top IoT Influencer by Inc. Magazine
  • Voted Top in the Business of IoT by Relayr
  • Voted Top Global IoT Expert by Postscapes
  • Voted Top IoT Authority by the Internet of Things Institute
  • Featured as a Top Internet of Things Company by Postscapes
  • Voted Most Influential in Smart Cities and IIoT by Right Relevance
  • Winner of the Cloud & DevOps World Award for Most Innovative Vendor

Amyx+ is an award-winning IoT business transformation firm specializing in IoT strategy, innovation & product development. As a thought leader in the Internet of Things, Amyx+ has the creative horsepower and the development prowess to execute even the most complex client engagements. Amyx+ is working with international and multinational enterprises to help 1) understand the impact of IoT disruptions, 2) formulate and sharpen their IoT strategy, 3) quantify the business case, 4) experiment, learn, validate, 5) develop game changing technologies, and 6) launch innovative IoT products and services worldwide. We employ a flexible methodology and approach to fit the client and needs & objectives while adapting to changing IoT environments. We have presence in San Francisco, NYC, and throughout Europe.