Internet of Things Security Management Policies and Procedures

            The aim of this paper is to provide deep insights regarding the security management policies & procedures regarding the internet of things (IOT). IOT has gain immense importance in the 21st century because of the technological advancement. IOT has revolutionized the world and have provided solution to a lot of problems. IOT can be defined as the network of various devices connected with each other to interact & share data with each other (Russell and Duren). Through IOT the internet connectivity has been expended beyond the traditional devices which include smartphones, desktops and laptops. Today the IOT is connecting devices such as cars, ovens and other electronic equipment’s. Since the number of devices increased the usage and challenges related to IOT have also increased as a result. One of the biggest challenges is related to the security policies of IOT. The data of the users contain sensitive information which can be used for wrong purposes (Li and Xu). The paper will discuss various security related challenges and how those challenges can be overcome through proper policies. The paper is divided into four main sections. The first section is the introductory section, second section discuss the components & key challenges in IOT, third section discuss the management policies & procedures and in the end the paper provide recommendations & conclusion.

IOT Practices to Large Companies of Internet of Things Security Management Policies and Procedures

            Internet of things (IOT) can be defined as the network of devices. Different devices are connected with each other so that they can interact and share data with each other. In the past the devices like laptops, desktops and smartphones were connected with internet to exchange information (Bhattacharjee). However IOT has allows individuals to connect other electronic devices with the internet as well. Today the experts believes that everything that is around us can be connected such as vehicles, home appliances etc. IOT has lots of applications and can provide more convenience to the society. IOT can be used in Medical health care, creation of Smart homes and for modernizing the current industrial processes (Management Association). It can be said that IOT has lots of advantages and have many applications for the future however there are lots of challenges that needs to be addressed in order to make this technology more beneficial for the users. One of the major challenge is the security concern that should be addressed to enhance the benefit (Jayakumar, Lee and Lee).

Components of IOT of Internet of Things Security Management Policies and Procedures

Following are the key components of the IOT that are discussed in detailed below:

Sensors & Physical Devices of Internet of Things Security Management Policies and Procedures

        OT ecosystem consist of analytics, cloud application and all the aspects related to the internet. The physical devices & sensor have the ability to gather the information (Mahalle and Railkar). After gathering the information the devices react accordingly. The devices or sensors are programed to perform various functions according to the information provided. The devices are the most important part of the IOT mechanism and without devices IOT system would not work (Roman, Zhou and Lopez).

Infrastructure & Connection of Internet of Things Security Management Policies and Procedures

            In the internet of things the devices needs to be connected with each other which means that necessary infrastructure is required for the connectivity of the devices. It means that internet infrastructure, storage, could, security and data processing facilities would be needed for the IOT system (Dawson, Eltayeb and Marwan). In the IOT system it is important that the information should be stored and secured for the users (Aziz, Arenas and Crispo). The data security is important because data breaches can cause financial loss of the individuals. Various technologies can be used for enhancing the security and privacy of the network (Rajpoot, Varshney and Nailwal).

Applications & Analytics of Internet of Things Security Management Policies and Procedures

            Various applications and analytics are developed to provide various benefits to the users. Through various applications the users can perform various tasks such as finding various locations, perform payments and sharing important data. The applications & analytics are developed by keeping the preferences and needs of the customers in mind. Specific applications are made for providing convenience to the users however they also raise security & privacy concerns as well (Chen and Erfani, A note on security management of the Internet of Things). It is important for the App manufacturers to enhance the security of the user data otherwise various issues Can arise in future which will not only effect the users but also to the business which are related to App manufacturing

Source: https://wikisites.cityu.edu.hk/sites/netcomp/articles/Pages/InternetofThings.aspx

Key Challenges & Threats to IOT

Security & Privacy of Internet of Things Security Management Policies and Procedures

            The privacy and security is a major challenge for the IT experts and in the growth of IOT ecosystem. Since more devices are connected with the internet the level of security concern has increased up to lot of extent. Today the users of the devices share sensitive data that can be used for inappropriate purposes through which the users can face financial loss (Wang, Bao and Wu). Therefore it is important to develop such security management policies which allow IT organizations to improve the security of the whole IOT ecosystem (Jayakumar, Lee and Lee).

Ecosystem of Internet of Things Security Management Policies and Procedures

        The IOT ecosystem consist of all the aspects of internet, devices and connectivity infrastructure. AS the IOT is experiencing growth over time more things are started entering into IOT ecosystem like everyday objects. It means that the level of complexity will increase up to lot of extent which would arise a lot of other problems from the security & privacy point of view (Jonckers). In future more advance mechanism would be needed for the management of such a complex IOT ecosystem which can only be done through strong management policies (Zarpelão, Miani and Kawakani).

Data & Information of Internet of Things Security Management Policies and Procedures

            The data & information would be a great challenge in the future. It is evident that more storage would be needed for storing and protecting the data. When huge amount of devices are going to be connected than the amount of data would be in large number and it is up to the IOT experts to manage the data efficiently (Chen, Security Management for The Internet of Things).

Man in the middle attack of Internet of Things Security Management Policies and Procedures

            The man in the middle attack would be one of the major threats for the IOT in the future. Man in the middle attack means that the third individual can intervene between two individuals when they are sharing information. Through this the third individual can hack the information and can use it for its own benefit. It means that the other two persons can face severe consequences due to this data breach (Liu, Zhao and Li). Over the years IOT experts have taken necessary actions to improve

DoS Attack of Internet of Things Security Management Policies and Procedures

            Denial of Services (DoS) Attack is among the most common cyber-attack and is major threat for IOT mechanism. The attack can cause the devices to become unavailable for use for the users. In order to mitigate or control such attacks necessary measures have to be taken for improving the security of the IOT system (Kasinathan, Pastrone and Spirito).

Source: https://www.ijcsmc.com/docs/papers/June2016/V5I6201699a9.pdf

Security Management policies & Procedures for IOT

Following are the main Security Management policies & Procedures which have been implemented to improve the security & privacy:

Attack Counter Measure Policy of Internet of Things Security Management Policies and Procedures

            The cyber attackers can get information about the security information keys and through this they might be able to reprogram the devices according to their own preferences. If group key has been implemented than the entire IOT network can get effected. The policy of forming unique keys can mitigate or control such cyber-attacks (Rajpoot, Varshney and Nailwal).

FTC Policies & Regulations of Internet of Things Security Management Policies and Procedures

            FTC (Federal Trade Commission) has allowed the corporations to create built in security in the devices which are being used in the IOT framework. For collecting the data FTC thinks that involving customer would be a great idea because through this not only the trust of the users can be gained but also new strategies for the improvement security can also be made.

Enhancement of data integrity of Internet of Things Security Management Policies and Procedures

            It is important to enhance the integrity of the data through encryption. When the data is going to be encrypted the man in the middle attack will be controlled up to lot extent. When the data is encrypted it becomes nearly impossible for the individual to decipher it (Roman, Zhou and Lopez).

Source: https://www.ijcsmc.com/docs/papers/June2016/V5I6201699a9.pdf

Conclusion on Internet of Things Security Management Policies and Procedures

        If all the above discussion is summarized than it is evident that IOT ecosystem consist of analytics, cloud application and all the aspects related to the internet. The physical devices & sensor have the ability to gather the information. After gathering the information, the devices react accordingly. The devices or sensors are programed to perform various functions according to the information provided. The cyber attackers can get information about the security information keys and through this they might be able to reprogram the devices according to their own preferences. If group key has been implemented than the entire IOT network can get effected. The policy of forming unique keys can mitigate or control such cyber-attacks.

Recommendations of Internet of Things Security Management Policies and Procedures

            It is recommended to the IOT experts to work according to the set guidelines. It is recommended to the organizations or IT experts to use authentic or trusted IOT devices so that no privacy/security concern could arise in the future. FTC have formed various policies for the improvement of security therefore it is responsibility of the It expert to create IOT ecosystem in accordance with the policies. FTC (Federal Trade Commission) has allowed the corporations to create built in security in the devices which are being used in the IOT framework.