Chapter 5: Everything

Needs to be Secured

Introduction to the Internet of Things v2.0

Chapter 5 - Sections & Objectives
 5.1 Security in the Digitized World
• Explain why security is important in the digitized world.
• Explain the need for security in the digitized world.
• Explain how to help secure the corporate world.
• Explain how to secure personal data and devices.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
5.1 Security in the Digitized
World

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Why is Security so Important?
Types of Data

 The quantity, volume, variety, and immediacy of generated data has changed.

 Personally identifiable information (PII) or sensitive personal information (SPI) is data relating to a
living individual that can be used on its own or with other information to identify, contact, or locate a
specific individual.

 Informational data can also contain sensitive information concerning corporate secrets, new product
patents, or national security.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Why is Security so Important?
 The Good Guys
Who Wants our Data?
• Legitimate companies that have an agreement in place
to use the collected data about you.
• We agree to this in “Terms and Conditions” or “Terms
of Service and Agreements”
• White hat hackers who test security to help protect data.
 The Bad Guys

• Black hat hackers, want access to collected data for

many nefarious reasons:
• To access user IDs and passwords to steal identities
• To access data to commit a crime.
• To sell the information to a third party.
• To modify the data or disable functionality on a device.
• To disrupt or to damage the image of a legitimate
company.
• To create political unrest or to make a political
statement. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Why is Security so Important?
Data in the Wrong Hands
 Login credentials and other personal data
for more than one Million Yahoo and Gmail
accounts are reportedly being offered for
sale on the dark web.
 Cybercriminals penetrated Equifax (EFX),
one of the largest credit bureaus, in July
2017 and stole the personal data of 145
million people
 A breach of MyFitnessPal affected 150
million users.
 Ransomware attackers stole 57 million
drivers and rider accounts from Uber.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Why is Security so Important?
Security Best Practices

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Protecting the Corporate World
Physical Security
 Outside perimeter security - on-
premise security officers, fences, gates,
continuous video surveillance, and
security breach alarms.
 Inside perimeter security - continuous
video surveillance, electronic motion
detectors, security traps, and biometric
access and exit sensors.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Protecting the Corporate World
Challenges of Securing IoT Devices
 Increasing Number of Devices -
The number of interconnected
sensors and smart devices is
growing exponentially, increasing the
opportunity for attacks.
 Non-Traditional Location of
Devices - Some connected IoT
devices are able to interact with the
physical world.
 Lack of Upgradeability - IoT
sensor-enabled devices may be
located in remote and/or inaccessible
locations where human intervention
or configuration is almost impossible.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Protecting the Corporate World
Safe Wi-Fi Usage

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Protecting the Corporate World
Protecting Devices
 Keep the Firewall On

 Manage Your Operating System and Browser

 Protect All Your Devices

 Use Antivirus and Antispyware

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Securing Personal Data and Devices
Smart Homes
 Smart sensors in our homes increase the
potential for security issues.
 The sensors could provide a way for
hackers to get into our home network and
gain access to any PCs and data that are
connected to it.
 Before purchasing home security systems,
it is very important to research the
developer and the security and encryption
protocols that are in place for its products.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Securing Personal Data and Devices
Public Hotspots
 Safety rules to follow when using a public or
unsecure Wi-Fi hotspot:
• Do not access or send any sensitive personal
information
• Verify that your computer is configured with
file and media sharing, and that it requires
user authentication with encryption.
• Use encrypted virtual private network (VPN)
tunnels and services.
 Bluetooth can be exploited by hackers to
eavesdrop on some devices, establish
remote access controls, distribute malware,
and drain batteries.
• Turn off when not in use.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Securing Personal Data and Devices
Setting up a VPN on Smartphones

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
5.2 Chapter Summary

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Chapter Summary
Summary
 The quantity, volume, variety, and immediacy of generated data has changed.

 Personally identifiable information (PII) or sensitive personal information (SPI) is data relating to a
living individual that can be used on its own or with other information to identify, contact, or locate a
specific individual.

 Informational data can also contain sensitive information concerning corporate secrets, new product
patents, or national security.

 White hat hackers test security to help protect data.

 Black hat hackers, want access to collected data for many nefarious reasons.

 Outside perimeter security - on-premise security officers, fences, gates, continuous video surveillance,
and security breach alarms.

 Inside perimeter security - continuous video surveillance, electronic motion detectors, security traps, and
biometric access and exit sensors.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Chapter Summary
Summary (Cont.)
 Challenges of securing devices on the IoT:
• Increasing Number of Devices - The number of interconnected sensors and smart devices is growing
exponentially, increasing the opportunity for attacks.
• Non-Traditional Location of Devices - Some connected IoT devices are able to interact with the physical
world.
• Lack of Upgradeability - IoT sensor-enabled devices may be located in remote and/or inaccessible locations
where human intervention or configuration is almost impossible.
 Know the steps to protect your company’s wireless network.

 Steps for protecting your own devices:

• Keep the Firewall On
• Manage Your Operating System and Browser
• Protect All Your Devices
• Use Antivirus and Antispyware

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Chapter Summary
Summary (Cont.)
 Smart sensors in our homes increase the potential for security issues.

 Safety rules to follow when using a public or unsecure Wi-Fi hotspot:

• Do not access or send any sensitive personal information
• Verify that your computer is configured with file and media sharing, and that it requires user
authentication with encryption.
• Use encrypted virtual private network (VPN) tunnels and services.

• Set up a VPN on your smart phone.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18