Unit-IV of IOT (Complete)
1. General-purpose input-output pins: These pins are used to connect the Raspberry Pi to
electronic components.
2. Ethernet port: This port connects the Raspberry Pi to a wired network. The Raspberry Pi
also has Wi-Fi and Bluetooth built in for wireless connections.
3. Two USB 3.0 and two USB 2.0 ports: These USB ports are used to connect peripherals like
a keyboard or mouse. The two black ports are USB 2.0 and the two blue ports are USB 3.0.
4. AV jack: This AV jack allows you to connect speakers or headphones to the Raspberry Pi.
5. Camera Module port: This port is used to connect the official Raspberry Pi Camera
Module, which enables the Raspberry Pi to capture images.
6. HDMI ports: These HDMI ports connect the Raspberry Pi to external monitors. The
Raspberry Pi 4 features two micro HDMI ports, allowing it to drive two separate monitors at
the same time.
7. USB power port: This USB port powers the Raspberry Pi. The Raspberry Pi 4 has a USB
Type-C port, while older versions of the Pi have a micro-USB port.
8. External display port: This port is used to connect the official seven-inch Raspberry Pi
touch display for touch-based input on the Raspberry Pi.
9. microSD card slot (underside of the board): This card slot is for the microSD card that
contains the Raspberry Pi operating system and files.
Uses :
1 Desktop PC : Using Raspberry Pi, the microSD card, and a power supply, a simple desktop
can be made.
2 Wireless print server : This requires installing Samba file-sharing software and CUPS
(Common Unix Printing System). CUPS provides drivers for the printer and an administration
console.
3 Game Servers : It is an excellent game server for Minecraft.
4 Robot Controller : There is a dedicated robotics package for Pi, duly powered with the
device battery and used to communicate and control robots.
Raspberry Pi GPIO
• The Raspberry Pi GPIO header is the key to its ability to interface with the real world. The Pi
uses either a 40-pin or a 26-pin header depending on the model, and it is important to understand
how those pins are arranged and labelled.
• The GPIO header provides the following power and interface options :
-3.3V (on 2 pins)
-5V (on 2 pins)
-Ground (on 8 pins)
-General purpose input and output
-PWM (pulse width modulation)
-I2C
-I2S
-SPI
-Serial
• These allow a massive range of sensors, motors, LEDs and accessories to be connected to the
Pi.
-3.3V pins: The 3.3V pins provide a 3.3V power supply to the external components, numbered
1 and 17.
-5V pins: The 5V pins are used to output the 5V power supply provided by the Type-C port.
The pins are numbered 2 and 4 on the Raspberry Pi 4 device.
-Ground pins: The ground pins are used to close the electric circuits. The ground pins help
you to protect your board from burning and play an important part in a circuit.
-GPIO Pins: These are the pins on your Raspberry Pi that perform various functions and each
pin is assigned a different task. Some pins are used as inputs, while others are used as outputs.
Input voltages ranging from 1.8V to 3V are considered high voltage, while voltages less than
1.8V are considered low voltage. You need to keep the voltage of the power supply below 3V
to protect your Raspberry Pi from burning. The GPIO pins built on Raspberry Pi devices are
used to perform various functions and their details are given below.
-Pulse Width Modulation: The GPIO pins are used for Pulse Width Modulation (PWM),
which is the process of converting a digital signal to an analog signal. All pins can perform
software PWM, but only a few can perform hardware PWM, including GPIO pins number 12,
13, 18, and 19.
-Inter-Integrated Circuit Pins on Raspberry Pi 4: Using the Inter-Integrated Circuit (I2C)
pins, the Raspberry Pi can control other peripheral devices attached to it. The communication
is possible using the pins Serial Data (SDA) and Serial Clock (SCL). The data is forwarded
using the SDA pin and the processing speed of data is controlled using the SCL pin. There is
another type of data called "Electrically erasable programmable read-only memory
(EEPROM)" data, which is in small quantities.
-Serial Peripheral Interface Pins on Raspberry Pi 4: Serial Peripheral Interface (SPI) pins
are used to communicate between devices such as sensors or actuators on the Raspberry Pi. The
Raspberry Pi sends data to a device via the Master Out Slave In (MOSI) pin, and the same
device communicates with the Raspberry Pi via the Master In Slave Out (MISO) pin. SPI
communication necessitates using five GPIO pins for GND, SCLK, MOSI, MISO, and CE. The CE
pin is used to enable or disable circuit integration, whereas the SCLK pin serves as a clock
for SPI communication. For SPI0, the Raspberry Pi's SPI communication pins are GPIO9 as
MISO, GPIO10 as MOSI, GPIO11 as SCLK, GPIO8 as CE0 and GPIO7 as CE1.
- Serial: The serial interface on Raspberry Pi has receive (Rx) and transmit (Tx) pins for
communication with serial peripherals.
# Interfaces (serial, SPI, I2C)
Serial: The serial interface on Raspberry Pi has receive (Rx) and transmit (Tx) pins for
communication with serial peripherals.
• UART, or Universal Asynchronous Receiver/ Transmitter, is a physical circuit in a
microcontroller or single integrated circuit (IC) that is used to implement serial communication
between devices in an embedded system.
• In UART communication, two UARTs communicate directly with each other; the UART on
the sender device, or the transmitting UART, receives parallel data from the CPU
(microprocessor or microcontroller) and converts it to serial data.
• This serial data is transmitted to the UART on the receiver device, or the receiving
UART. The receiving UART converts the received serial data back to parallel data and
sends it to the CPU. In order for UART to convert serial-to-parallel and parallel-to-
serial data, shift registers on the transmitting and receiving UART are used.
• In UART communication, only two wires are required for communication: data flows
from the Tx pin of the transmitting UART (Transmitter Tx) to the Rx pin of the
receiving UART (Receiver Rx).
• UART data is sent over the bus in the form of a packet. A packet consists of a start bit, data
frame, a parity bit, and stop bits. The parity bit is used as an error check mechanism to help
ensure data integrity.
• UART is considered to be "universal" because the parameters including transfer speed
and data speed are configurable by the developer.
• UART supports bidirectional data transmission, including half-duplex and full-duplex
operations. It is also asynchronous, meaning it doesn't use a clock signal to synchronize the
output bits from the transmitting UART to the sampling bits on the receiving UART.
• Without a clock, the receiving and transmitting UART need to be on the same baud rate,
or bit rate. This allows the system to know where and when the bits have been clocked.
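The UART packet and baud-rate points above, as an added example that is not part of the original notes. It assumes one low start bit, LSB-first data bits and high stop bits; all function names are hypothetical. It shows that a parity bit catches a single flipped bit but not two, and that a receiver sampling at the wrong baud rate loses framing.

```python
class FramingError(ValueError):
    """Start/stop bit or frame length is wrong."""

class ParityError(ValueError):
    """Parity bit does not match the data frame."""

def parity_bit(data_bits, mode):
    # Even parity: the count of 1s in data + parity is even; odd parity is the inverse.
    even = sum(data_bits) % 2
    return even if mode == "even" else even ^ 1

def encode_frame(byte, data_len=8, parity="even", stop_bits=1):
    """Build one UART packet: start bit, data frame (LSB first), parity bit, stop bits."""
    if not 0 <= byte < (1 << data_len):
        raise ValueError("value does not fit in the data frame")
    data = [(byte >> i) & 1 for i in range(data_len)]
    frame = [0] + data                      # the line idles high, so the start bit is low
    if parity != "none":
        frame.append(parity_bit(data, parity))
    return frame + [1] * stop_bits

def decode_frame(bits, data_len=8, parity="even", stop_bits=1):
    """Validate framing and parity, then return the data value."""
    expected = 1 + data_len + (parity != "none") + stop_bits
    if len(bits) != expected or bits[0] != 0:
        raise FramingError("bad length or missing start bit")
    data = bits[1:1 + data_len]
    pos = 1 + data_len
    if parity != "none":
        if bits[pos] != parity_bit(data, parity):
            raise ParityError("parity mismatch")
        pos += 1
    if any(b != 1 for b in bits[pos:]):
        raise FramingError("stop bit not high")
    return sum(b << i for i, b in enumerate(data))

def flip(bits, positions):
    """Return a copy of the frame with the given bit positions inverted (line noise)."""
    return [b ^ 1 if i in positions else b for i, b in enumerate(bits)]

def sample_line(frame, tx_baud, rx_baud):
    """Sample the line in the middle of each receiver bit period.

    Receiver sample k is taken at (k + 0.5) / rx_baud seconds, which falls in
    transmitter bit floor((2k + 1) * tx_baud / (2 * rx_baud)); integers avoid rounding.
    """
    out = []
    for k in range(len(frame)):
        idx = (2 * k + 1) * tx_baud // (2 * rx_baud)
        out.append(frame[idx] if idx < len(frame) else 1)   # idle line reads high
    return out

def try_decode(bits, **kw):
    """Return ('ok', value) or (error name, None) so outcomes are easy to compare."""
    try:
        return "ok", decode_frame(bits, **kw)
    except (FramingError, ParityError) as exc:
        return type(exc).__name__, None

if __name__ == "__main__":
    frame = encode_frame(0x41)                            # constructed sample byte 'A'
    print("frame           ", frame)
    print("one bit flipped ", try_decode(flip(frame, {3})))
    print("two bits flipped", try_decode(flip(frame, {3, 4})))
    print("same baud rate  ", try_decode(sample_line(frame, 9600, 9600)))
    print("rx at half rate ", try_decode(sample_line(frame, 19200, 9600)))
```

Parity is an error check against noise only: the two-bit case decodes to a different, valid-looking byte, so it gives no protection against deliberate modification of the line.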
SPI: Serial Peripheral Interface (SPI) is a synchronous serial data protocol used for
communicating with one or more peripheral devices.
• It operates using a master-slave paradigm that includes at least four signals: a clock
(SCLK), a master output/slave input (MOSI), a master input/slave output (MISO), and a
slave select (SS) signal.
• The SCLK, MOSI, and MISO signals are shared by all devices on the bus. The SCLK signal
is generated by the master device for synchronization, while the MOSI and MISO lines are used
for data exchange.
• Additionally, each slave device added to the bus has its own SS line. The master pulls low
on a slave's SS line to select a device for communication.
• SPI communication supports full-duplex communication, meaning that both the master and
slave can transmit data simultaneously.
• The exchange itself has no pre-defined protocol which makes SPI ideal for data-streaming
applications. It also has no maximum speed; data speeds in excess of 100 MHz have been
achieved.
I2C
The I2C interface pins on Raspberry Pi allow you to connect hardware modules.
• I2C interface allows synchronous data transfer with just two pins - SDA (data line) and
SCL (clockline).
• It is a bidirectional two-wire serial bus that uses serial clock (SCL) and serial data
(SDA) wires to send and manage data bit by bit between devices connected to the bus.
• In I2C operations, the master controls the exchange of data between the devices. A
master device will signal to a slave in order to send data or request a response.
• To accomplish this, all slave devices must have a unique address that is included in the
I2C message.
• When sending data over the bus, each I2C message includes an address frame of the
slave device and one or more data frames containing the data being transmitted.
• The message also includes start and stop conditions, read/write bits from either the
master or slave, and ACK/NACK bits sent from the receiver for error checking.
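The I2C message layout described above, as an added example that is not part of the original notes. It assumes 7-bit addressing with bits sent most significant first; the Slave and Bus classes and the addresses used are constructed for illustration. It shows the address frame with its read/write bit, the ACK after each frame, the NACK when no device owns the address, and why addresses on one bus must be unique.

```python
START, STOP = "S", "P"      # start and stop conditions
ACK, NACK = 0, 1            # the receiver pulls SDA low to acknowledge a frame

def byte_bits(value):
    """Eight bits, most significant first, as they appear on SDA."""
    return [(value >> i) & 1 for i in range(7, -1, -1)]

def bits_byte(bits):
    return int("".join(str(b) for b in bits), 2)

class Slave:
    """Constructed peripheral that records the bytes written to it."""
    def __init__(self, addr7):
        if not 0 <= addr7 <= 0x7F:
            raise ValueError("7-bit address expected")
        self.addr7 = addr7
        self.received = bytearray()

class Bus:
    def __init__(self, slaves):
        addrs = [s.addr7 for s in slaves]
        if len(set(addrs)) != len(addrs):
            # Two devices answering the same address frame would both drive SDA.
            raise ValueError("duplicate I2C address on the bus")
        self.slaves = {s.addr7: s for s in slaves}

    def write(self, addr7, payload):
        """Master write: START, address frame + W bit, ACK/NACK, data frames, STOP."""
        if not 0 <= addr7 <= 0x7F:
            raise ValueError("7-bit address expected")
        trace = [START] + byte_bits((addr7 << 1) | 0)    # R/W bit: 0 = write
        target = self.slaves.get(addr7)
        if target is None:
            return trace + [NACK, STOP]                  # nobody acknowledged the address
        trace.append(ACK)
        for value in payload:
            trace += byte_bits(value) + [ACK]            # each data frame is acknowledged
            target.received.append(value)
        return trace + [STOP]

def decode(trace):
    """Parse a symbol trace back into (address, 'R'/'W', acknowledged, data bytes)."""
    if len(trace) < 11 or trace[0] != START or trace[-1] != STOP:
        raise ValueError("missing start or stop condition")
    body = trace[1:-1]
    if len(body) % 9:
        raise ValueError("each frame is 8 bits plus one ACK/NACK bit")
    frames = [body[i:i + 9] for i in range(0, len(body), 9)]
    first = bits_byte(frames[0][:8])
    data = bytes(bits_byte(f[:8]) for f in frames[1:])
    return first >> 1, "R" if first & 1 else "W", frames[0][8] == ACK, data

if __name__ == "__main__":
    bus = Bus([Slave(0x48), Slave(0x3C)])                # constructed addresses
    print(decode(bus.write(0x48, [0x01, 0xA0])))         # acknowledged write
    print(decode(bus.write(0x50, [0xFF])))               # no device at 0x50: NACK
```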
• The API defines the correct way for a developer to write a program that
requests services from an operating system (OS) or other application.
• APIs are implemented by function calls composed of verbs and nouns.
• The required syntax is described in the documentation of the application being called.
How APIs Work
• APIs are made up of two related elements.
• The first is a specification that describes how information is exchanged between
programs, done in the form of a request for processing and a return of the necessary
data.
• The second is a software interface written to that specification and published in some
way for use. The software that wants to access the features and capabilities of the API
is said to call it, and the software that creates the API is said to publish it.
Why APIs are important
• The web, software designed to exchange information via the internet, and cloud computing
have all combined to increase the interest in APIs in general and services in particular.
• Software that was once custom-developed for a specific purpose is now often written
referencing APIs that provide broadly useful features, reducing development time and
cost and mitigating the risk of errors.
• APIs have steadily improved software quality over the last decade, and the growing
number of web services exposed through APIs by cloud providers is also encouraging
the creation of cloud-specific applications, internet of things (IoT) efforts and apps to
support mobile devices and users.
Basic Types of APIs
• APIs take three basic forms: local, web-like and program-like.
• Local APIs are the original form, from which the name came. They offer OS or
middleware services to application programs. Microsoft's .NET APIs, the TAPI
(Telephony API) for voice applications, and database access APIs are examples of
the local API form.
• Web APIs are designed to represent widely used resources like HTML pages and
are accessed using a simple HTTP protocol. Any web URL activates a web API.
• Web APIs are often called REST (representational state transfer) or RESTful
because the publisher of REST interfaces doesn't save any data internally between
requests. As such, requests from many users can be intermingled as they would be
on the internet.
• Program APIs are based on remote procedure call (RPC) technology that makes a
remote program component appear to be local to the rest of the software.
• Service oriented architecture (SOA) APIs, such as Microsoft's WS-series of APIs,
are program APIs.
# Cloud Storage Models
• Cloud storage models are models of cloud computing that store data on the internet
via cloud computing providers. These providers manage and operate data storage as a
service.
• Cloud storage is basically an online storage of data. Data that is stored can be accessed
from multiple connected devices, which constitute a cloud.
• Cloud storage can provide various benefits like greater accessibility and reliability,
strong protection of data backup, rapid deployment, and disaster recovery purposes.
• Moving to the cloud also decreases overall storage costs due to cutting costs incurred
on the purchase of storage devices and their maintenance.
• As companies have started embracing the virtual disk model, the landscape of the data
center is shifting.
• These models were pioneered in virtualization, which is also providing new models that
enable fully virtualized storage stacks.
• The cloud environment tries to provide a self-service with a precise separation between
application and infrastructure.
The 3 different cloud storage models:
• Instance storage: Virtual disks in the cloud
• Volume storage: SAN sans the physical
• Object storage: Web-scale NAS
1 Instance storage: Virtual disks in the cloud
In a traditional virtualized environment, the virtual disk storage model is the eminent one. The
nomenclature of this model is based upon this very reason, instance storage, meaning storage
that is used like conventional virtual disks.
It is crucial to note that instance storage is a storage model, not a storage protocol.
This storage can be implemented in numerous ways. For example, DAS is generally used to
implement instance storage. It is often stated as ephemeral storage as the storage isn’t highly
reliable.
Advantages & Disadvantages
Hard drives that instance storages run on are physically attached to the EC2 hosts which are
running the store. Their endurance depends upon the lifetime of the instances attached to them.
Both Instance and Elastic Block Storage (EBS) volumes are stored in a series somewhere in
the same AZ. All the HDP’s and can be re-arranged with a new EC2 instance unless they are
bound to delete when the attached EC2 instance is terminated.
Due to the paucity of speed and persistence in instance storage, it’s usually used on data that
requires quick but temporary assessment, like swap or paging files.
However, it is also used to store data that requires regular replication to multiple locations.
Also, EC2’s using instance storage for their root device should keep a copy of their AMI on the
instance store disk because instance storage does not endure any data, which is the reason
behind longer boot time when compared to instances backed by EBS.
2 Volume storage: SAN sans the physical
Volume storage is also known as block storage. It supports operations like read/write and
keeping the system files of running virtual machines.
As suggested by its name, data is stored in structured blocks and volumes where files are split
into equal-sized blocks. Each block has its own address.
However, unlike objects, they don’t possess any metadata. Files are bifurcated into simpler
blocks of fixed size, storing large amounts of data, which are dispensed amongst the storage
nodes.
Advantages & Disadvantages
Public cloud providers allow the creation of various file systems on their block storage systems,
thus enabling users to store incessant data like a database.
Additionally, an Amazon EBS volume is accessed from an Amazon EC2 instance through an
AWS shared or dedicated network.
Another advantage of using volume/block storage is its backup mechanism. For example, AWS
EBS offers a snapshot feature that is essentially an incremental point-in-time backup of
your volume.
3 Object storage: Web-scale NAS
Cloud-native applications need space, for storing data that is shared between different VMs.
However, often there’s a need for spaces that can extend to various data centers across multiple
geographies which is catered by Object storage.
For example, Amazon Simple Storage Service (S3) caters to a single space across an entire
region, probably, across the entire world.
Object storage stores data as objects, unlike others which go for a file hierarchy system. But it
provides for eventual consistency.
Each object/block consists of data, metadata, and a unique identifier.
What object storage does differently is that it tries to address capabilities that are
overlooked by other storage types, viz. a namespace, a directly programmable interface, data
distribution, etc.
Object storage also saves a substantial amount of unstructured data. This kind of storage is used
for storing songs on audio applications, photos on social media, or online services like
Dropbox.
Advantages & Disadvantages
Storing virtually unlimited files is one of many advantages for installing object storage. Having
an HTTP(S) based interface, object storage also maintains file revisions.
In this kind of storage, files are distributed in different nodes which means that to modify a file
you will need to upload a new revision of the entire file which can significantly impact
performance.
# IoT Web Server
The IoT web server is a platform that connects physical devices with the Internet, allowing
them to communicate and share data with each other. This is achieved through embedded
systems, software, sensors, and connectivity which enable these devices to exchange data with
the server and other connected devices. These servers are not limited to traditional computing
devices such as computers and smartphones, but also encompass everyday objects like home
appliances, vehicles, and even buildings.
The IoT web server functions as the bridge between devices and the web. It collects, processes,
and analyzes data from the connected devices and then makes it available to the user or other
devices. This enables users to remotely monitor and control their devices, while also allowing
devices to autonomously interact with each other. The server also provides security measures
to protect the data and maintain the privacy of the users.
Applications of the IoT Web Server
IoT web servers find application in a wide range of sectors.
• In the home automation industry, for example, they enable homeowners to control their
appliances, lighting, and heating systems remotely via their smartphones.
• In the healthcare sector, IoT web servers allow for remote monitoring of patient health,
thereby improving patient care and reducing healthcare costs.
• They also play a crucial role in industrial automation, where they enable real-time
monitoring and control of machinery, leading to increased efficiency and reduced
operational costs.
• In the transportation industry, IoT web servers facilitate the tracking of vehicles and
goods, providing valuable data for logistics and supply chain management.
• In agriculture, they enable precision farming by providing real-time data on weather
conditions, soil quality, and crop health. The possibilities are endless, and with
advancements in technology, the applications of IoT web servers are only set to
increase.
Benefits of the IoT Web Server
Connecting devices to the web via IoT web servers brings numerous benefits. For one, it
enhances convenience by allowing users to control and monitor their devices remotely. This
can save a significant amount of time and effort, particularly in industrial settings where
monitoring and controlling machinery can be a complex and time-consuming task.
Furthermore, IoT web servers facilitate data-driven decision making. By collecting and
analyzing data from connected devices, they provide valuable insights that can be used to
improve efficiency, reduce costs, and optimize operations. They also promote sustainability by
enabling energy-efficient practices, such as smart lighting and heating systems that adjust
according to user behavior and environmental conditions.
Challenges Facing the IoT Web Server
Despite its numerous benefits, the IoT web server also presents several challenges. Security is
a major concern, as connecting devices to the web exposes them to potential cyber threats.
Ensuring the privacy of user data is another challenge, given the vast amount of data collected
and shared by IoT devices.
Moreover, the large number of connected devices can strain network resources, leading to
performance issues. Managing these devices, particularly in large-scale IoT deployments, can
also be a complex task. Despite these challenges, ongoing advancements in technology are
continually improving the capabilities and reliability of IoT web servers.
# Cloud for the Internet of Things (IoT)
Cloud IoT is a technology architecture that connects IoT devices to servers housed in cloud
data centers. This enables real-time data analytics, allowing better, information-driven decision
making, optimization, and risk mitigation. Cloud IoT also simplifies management of connected
devices at-scale.
Cloud IoT is different from traditional, or non-cloud-based IoT in a few key ways:
• Data Storage: the cloud collects IoT data generated by thousands or millions of IoT
sensors, with the data being stored and processed in a central location. While in other
types of IoT architectures, data may be stored and processed on-premises
• Scalability: cloud IoT is highly scalable, as cloud infrastructure (compute, storage, and
networking resources) can easily handle thousands of devices and process their data
across large systems
• Flexibility: cloud IoT provides a high level of flexibility, as it allows devices to be
added or removed as-needed, without having to reconfigure the entire system
• Maintenance: in cloud IoT, the maintenance of servers and networking equipment is
handled by the cloud service provider (CSP). While in other types of IoT architectures,
maintenance may be the responsibility of the end user
• Cost: cloud IoT can be more cost-effective over the long-term, as users only pay for
the resources they actually consume, and users do not have to invest upfront in their
own expensive compute, storage, and networking infrastructure
How Does Cloud IoT Work?
Cloud IoT connects IoT devices – which collect and transmit data – to cloud-based servers via
communication protocols such as MQTT and HTTP and over wired and wireless networks.
These IoT devices can be managed and controlled remotely and integrated with other cloud
services.
IoT data is sourced from anywhere and everywhere, including sensors, actuators, operating
systems, mobile devices, standalone applications, and analytic systems. By involving the cloud,
vast amounts of IoT data can be stored and processed in a central location.
A cloud IoT system typically includes the following elements:
• IoT Devices: physical devices, such as sensors and actuators, that generate and transmit
data to the cloud
• Connectivity: communication protocols and standards used to connect the IoT devices
to the cloud. Examples of protocols include MQTT and HTTP, while examples of
standards are Wi-Fi, 4G/LTE, 5G, Zigbee, and LoRa (long range)
• Cloud Platforms: cloud service providers (CSPs) that offer infrastructure and services
to connect to the IoT devices. Examples include AWS IoT and Azure IoT
• Data Storage: cloud-based storage for data generated by the IoT devices, which can be
housed in repositories such as a database, data warehouse, or data lake
• Application Layer or API: cloud IoT platforms typically provide a native application
– for analytics, machine learning (ML), and visualization – or application programming
interface (API) – for data processing. Usually, applications offer the ability to manage
and monitor the IoT devices for provisioning, software updates, and troubleshooting
• Security: measures put in place to secure the data and IoT devices, such as encryption,
authentication, and access control
Example – Cloud and IoT System
To illustrate all of the above elements in action, consider the example of a wind farm. A typical
wind turbine can have about 108 sensors, and the average wind farm houses roughly 150
turbines, for a total of over 16,000 sensors. The data from these sensors might be sent to the
cloud for storage, via 5G cellular broadband.
Once the data is stored on cloud servers, it can be used to monitor wind turbine performance,
track turbine health, and adjust operating parameters as needed. Cloud IoT platforms also help
with predictive maintenance, which is useful given that wind turbines on such a wind farm
would be spread across an area of over 15 square miles (39 square kilometers), and downtime
could result in millions of dollars of losses per year.
At the same time, insights gleaned from the sensor data can inform decisions regarding the
deployment of new turbines or upgrades to existing ones.
Cloud Services for IoT
Cloud platforms deliver a collection of capabilities that allow Internet of Things (IoT) devices
to interact with cloud services, other applications, and even other IoT devices. These cloud
platforms let users centrally onboard, manage, monitor, and control IoT devices.
In addition, the cloud supports services such as scalable storage, device connectivity, analytics
and reporting, and identity and access management (IAM) in IoT.
Scalable Storage
Cloud IoT platforms provide scalable object storage services, such as Amazon Simple Storage
Service (Amazon S3), that allow organizations to easily increase or decrease their data storage
requirements. This type of flexibility is beneficial for IoT applications, as they often generate
large volumes of unstructured data and must be able to store this information without
sacrificing device performance.
Device Connectivity
Cloud-based IoT platforms offer straightforward, reliable, and secure connectivity at-scale
between physical IoT devices and cloud services. In turn, an organization can connect
thousands or millions of IoT devices to the cloud, without the need to provision or manage the
requisite servers and networking equipment.
Analytics and Reporting
Cloud-based IoT platforms are equipped with powerful analytics capabilities – in combination
with computing resources – that enable organizations to gain real-time insights into the large
datasets that IoT devices produce. Through sophisticated algorithms, such as predictive
modeling, statistical analysis, and machine learning (ML), IoT device data can be used to
improve efficiency and make better, information-driven decisions.
Additionally, IoT device data can be combined with other relevant data stored in the cloud to
extract meaningful insights for organizations. Furthermore, built-in data reporting features
offered by cloud services allow organizations to create useful reports based on collected IoT
data.
Identity and Access Management (IAM)
The data generated by IoT devices can be protected in the cloud using Identity and
Access Management (IAM), which is an authentication and authorization service. IAM enables
organizations to grant or deny access to services and resources in the cloud for large numbers
of users with different access needs.
With so much IoT data being sent to the cloud, the granularity of IAM controls allows
organizations to comply with the security requirements and regulations that are relevant for
storing and accessing sensitive information.
# Security Management in an IOT System
IOT Security Concerns:
Poor vulnerability testing: Many IoT devices are developed with a focus on functionality
instead of security. So vulnerability testing—critical for identifying weaknesses before
deployment—is often neglected or poorly executed.
Unpatched vulnerabilities: Too many IoT devices run unpatched vulnerabilities due to a lack
of available updates or the complexity of applying patches. IoT devices often remain used for
extended periods, with no updates being applied or available.
Default passwords and weak authentication: Like the example above, a standard (yet
dangerous) practice is for IoT devices to ship with default passwords, which users frequently
neglect to change. Even if passwords are updated, they are often weak and easily compromised.
Outdated firmware and software: Once deployed, IoT devices are often left running on
outdated firmware or software, which makes them vulnerable to newly discovered exploits.
Poor device management and visibility: IoT devices are frequently deployed outside the
purview of IT departments, leading to a lack of visibility and control over them. This is another
example of Shadow IoT, which complicates efforts to secure networks as IT teams struggle to
manage and protect assets they’re unaware of.
Limited security integration: The diversity and sheer number of IoT devices present
significant challenges for integration into existing security frameworks. Many devices simply
aren’t designed to be compatible with traditional security systems.
Legacy assets: Many industries rely on legacy IoT devices designed and deployed years ago.
These older devices often lack the security features of more modern technology, and
organizations are reluctant to move on from them due to the cost and complexity of upgrading
or replacing them.
Data privacy concerns: The sheer volume of data generated by IoT devices raises significant
privacy issues: without proper safeguards, sensitive data can be exposed, leading to breaches
and misuse.
Remote work: The rise of remote and hybrid work has expanded the attack surface, as IoT
devices often connect to home networks with weaker security protocols.
Complex Environments: IoT ecosystems often operate within complex environments where
multiple devices, platforms, and protocols interact, creating complexity that can open security
gaps if not adequately managed.
Overwhelming data volume: The massive amount of data generated by IoT devices can
overwhelm traditional data management systems, making it difficult to ensure data integrity
and security.
APIs as entry points for attacks: APIs used in IoT environments are often targeted for attacks
such as SQL injection, distributed denial of service (DDoS), and MITM attacks.
Implementing IoT Security in 3 Steps
By following these three steps, organizations can build a comprehensive IoT security strategy
that addresses the unique challenges of managing these devices and mitigates the risks
associated with using them.
Step 1: Device Discovery
The first step in securing IoT is identifying the devices connected to your network, which
typically uses a device identification and discovery tool to automate three critical IoT security
functions:
• Autonomously and continually detect, profile, and classify IoT devices on the network
• Maintain a real-time inventory of devices
• Provide risk intelligence and insights for each asset class by continuously monitoring
across attack vectors.
Step 2: Risk Analysis
Once all IoT devices are identified, the next step is to conduct a thorough risk analysis, which
assesses the vulnerabilities and potential threats associated with each device and its
communication channels.
Key components of this step include:
• Vulnerability assessment: Regularly scan IoT devices for known vulnerabilities and
apply patches or updates where necessary to help identify weak points in the system
that attackers could exploit.
• Threat modeling: Evaluate how threats could impact the IoT ecosystem, including
determining how attackers might use compromised devices to infiltrate networks or
launch larger-scale attacks.
• Risk prioritization: Not all devices pose the same level of risk: prioritizing devices
based on their criticality to operations and their exposure to threats allows for more
focused security efforts.
Step 3: Monitor, Protect, and Enforce
The final step involves actively monitoring the IoT environment, applying protective measures,
and enforcing security policies to maintain a secure posture over time, which includes:
• Continuous monitoring: Implement continuous monitoring to detect anomalies,
unauthorized access, and deviations from normal device behavior.
• Network segmentation: Segmenting IoT devices is as important as segmenting any other
sensitive network area that shouldn’t be connected to the main network.
• Security enforcement: Enforce security policies such as mandatory updates, strong
authentication, and encryption, and take corrective actions when deviations occur.
• Incident response: Prepare a robust incident response plan specifically for IoT-related
incidents.
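The three steps above, as an added example that is not part of the original notes. It takes a constructed device inventory (Step 1), checks each device against a policy and scores it by criticality and exposure (Step 2), and lists the corrective action for each finding in priority order (Step 3). Every device name, field, firmware version, weight and segment name is a hypothetical value chosen for illustration.

```python
# Step 1: constructed inventory, shaped like what a discovery tool might report.
INVENTORY = [
    {"id": "cam-lobby-01", "class": "ip-camera", "firmware": "1.2.0",
     "default_password": True, "segment": "corp-lan", "tls": False,
     "criticality": 2, "internet_exposed": True},
    {"id": "hvac-ctl-03", "class": "hvac-controller", "firmware": "4.1.7",
     "default_password": False, "segment": "iot-vlan", "tls": True,
     "criticality": 3, "internet_exposed": False},
    {"id": "badge-rdr-07", "class": "badge-reader", "firmware": "2.0.1",
     "default_password": False, "segment": "iot-vlan", "tls": False,
     "criticality": 3, "internet_exposed": False},
    {"id": "sensor-unk-11", "class": "unknown", "firmware": "0.9.0",
     "default_password": False, "segment": "corp-lan", "tls": False,
     "criticality": 1, "internet_exposed": False},
]

# Policy baseline (assumed values): minimum firmware per device class, allowed segments.
POLICY = {
    "min_firmware": {"ip-camera": "1.4.2", "hvac-controller": "4.1.0",
                     "badge-reader": "2.0.1"},
    "allowed_segments": {"iot-vlan"},
}

# Assumed severity weight per finding, and the enforcement action it triggers.
WEIGHTS = {"default_password": 5, "outdated_firmware": 4, "not_segmented": 3,
           "unmanaged_class": 3, "no_encryption": 2}
ACTIONS = {
    "default_password": "rotate credentials and require strong authentication",
    "outdated_firmware": "schedule mandatory firmware update",
    "not_segmented": "move device to the IoT network segment",
    "unmanaged_class": "profile device and add it to the managed inventory",
    "no_encryption": "enable encrypted transport",
}

def version_tuple(text):
    """'1.4.2' -> (1, 4, 2) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def findings(device, policy=POLICY):
    """Step 2, vulnerability assessment: list the policy deviations for one device."""
    found = []
    baseline = policy["min_firmware"].get(device["class"])
    if baseline is None:
        found.append("unmanaged_class")          # no baseline: outside IT's purview
    elif version_tuple(device["firmware"]) < version_tuple(baseline):
        found.append("outdated_firmware")
    if device["default_password"]:
        found.append("default_password")
    if device["segment"] not in policy["allowed_segments"]:
        found.append("not_segmented")
    if not device["tls"]:
        found.append("no_encryption")
    return found

def risk_score(device, found):
    """Step 2, risk prioritization: findings weighted by criticality and exposure."""
    exposure = 2 if device["internet_exposed"] else 1
    return sum(WEIGHTS[f] for f in found) * device["criticality"] * exposure

def prioritize(inventory):
    """Step 3 input: devices ordered by risk, each with its corrective actions."""
    rows = []
    for device in inventory:
        found = findings(device)
        rows.append({"id": device["id"], "score": risk_score(device, found),
                     "findings": found, "actions": [ACTIONS[f] for f in found]})
    return sorted(rows, key=lambda row: (-row["score"], row["id"]))

if __name__ == "__main__":
    for row in prioritize(INVENTORY):
        print(f'{row["score"]:>3}  {row["id"]:<14} {", ".join(row["findings"]) or "compliant"}')
```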