Broadband Internet Technical Advisory Group (BITAG) today released a report outlining a set of guidelines it believes could dramatically improve the security and privacy of IoT devices and minimize the costs associated with the collateral damage that would otherwise affect both end users and ISPs. The report has also warned that unless manufacturers and distributors of IoT devices improve device security and privacy, consumer backlash may impede the growth of the IoT marketplace and ultimately limit the promise IoT holds.
Other observations made in the report include:
- Insecure Communications: Many of the security functions designed for more general-purpose computing devices are difficult to implement on IoT devices and a number of security flaws have been identified in the field, including unencrypted communications and data leaks from IoT devices.
- Data Leaks: IoT devices may leak private user data, both from the cloud (where data is stored) and between IoT devices themselves.
- Potential for Service Disruption: The potential loss of availability or connectivity not only diminishes the functionality of IoT devices, but also may degrade the security of devices in some cases, such as when an IoT device can no longer function without such connectivity (e.g., a home alarm system deactivating if connectivity is lost).
- Device Replacement May be an Alternative to Software Updates—for Inexpensive or “Disposable” Devices: In some cases, replacing a device entirely may be an alternative to software updates. Certain IoT devices may be so inexpensive that updating software may be impractical or not cost-effective.
BITAG Technical Working Group has provided a number of recommendations which including:
- IoT Devices Should Be Restrictive Rather Than Permissive in Communicating: When possible, devices should not be reachable via inbound connections by default. IoT devices should not rely on the network firewall alone to restrict communication, as some communication between devices within the home may not traverse the firewall.
- IoT Devices Should Continue to Function if Internet Connectivity is Disrupted: IoT device should be able to perform its primary function or functions (e.g., a light switch or a thermostat should continue to function with manual controls), even if it is not connected to the Internet.
- IoT Devices Should Continue to Function If the Cloud Back-End Fails: Many services that depend on or use a cloud back-end can continue to function, even if in a degraded or partially functional state when connectivity to the cloud back-end is interrupted or the service itself fails.
- IoT Devices Should Support Addressing and Naming Best Practices: Many IoT devices may remain deployed for a number of years after they are installed. Supporting the latest protocols such as IPv6 for addressing and naming will ensure that these devices remain functional for years to come. IoT devices should also support the use or validation of DNS Security Extensions (DNSSEC) when domain names are used.
The lead editors of were Jason Livingood, Vice President of Technology Policy & Standards at Comcast and Nick Feamster, Professor of Computer Science at Princeton University. Douglas Sicker, Executive Director of BITAG, Chair of BITAG’s Technical Working Group, Department Head of Engineering and Public Policy and a professor of Computer Science at Carnegie Mellon University, chaired the review itself.