Cyber Interview: security by design and the IoT - who's responsible?
What should we expect from security by design?
Firstly, we should expect security by design to foster real commitment to securing personal and confidential data in order to arrive at a solid trust mechanism. Subsequently, it should be able to protect us from cyberattacks. The whole point of security by design is precisely to allay users’ concerns about the security of their private data whenever they use connected objects (IoT). This applies to industry professionals and consumers alike, as connected objects — as the name implies — use built-in information technology, and are here to stay. The main challenge of security by design is being able to implement it in such a way that no one needs to worry about it even though it is at the center of our lives.
Closely tied to this commitment is the responsibility of vendors and service providers to ensure that best security practices are implemented and enforced. This begins from the moment the object is designed and continues throughout the life cycle of the object. For example, we often hear about vendors advising their users to change the installation passwords on a new software program or device whenever they use it for the very first time. This approach is the first step towards responsibility in security by design, but is still a long way from meeting the expectations described here.
In reality, it is quite obvious that users simply do not feel any pressure to change the installation passwords on their devices, creating an enormous cybersecurity vulnerability that may have potentially devastating consequences. The cyberattack on Dyn that took place in October last year, bringing down large swaths of the Internet, should be a teachable moment on the importance of security by design. During that attack, hackers managed to flood the company’s network using a Distributed Denial of Service (DDoS) attack technique, a weapon of choice for launching large-scale attacks. That allowed them to exploit security vulnerabilities on objects that were connected to IP address servers that the company managed, before remotely taking over control of the network without raising any red flags, thereby cutting off Internet access for millions of private individuals and organizations and disrupting the worldwide web.
What should be the minimum level of security?
The first best practice is to make it harder to access a connected object or device, so the minimum level of security to be implemented should be the strengthening of passwords used to connect to a particular device. This requires users to take into account the cybersecurity risks that connected objects entail, and take effective action. As for vendors and service providers, it will be their responsibility to make users change the installation passwords on their devices once they are deployed. If users were given a choice not to do so, it is highly likely that they would continue to use the default IDs on their devices, such as admin/password for example.
Users must complete a mandatory step that would prevent them from using the connected device until and unless they ensure secure access.
This step is one of the expectations that we should have with regard to security by design. It can also be a driving force behind digital trust since it allows users to deepen their involvement and awareness while strengthening security on their connected objects, and playing their part in creating a safer online environment.
More than just security by design, commitment to global awareness
The benefit of making users change their installation passwords goes beyond security by design. It is a cybersecurity practice that all users must adopt and advocate in order to raise global awareness of the risks relating to negligent use of IT resources.
Many vendors already do so, including WALLIX, but it should be implemented systematically. For example, whenever our clients install a Bastion, before proceeding with anything else, the user of the admin account must first change the default password. We do also recommend going a step further by setting rules for making passwords more complex (for example, a minimum of 8 characters, combining uppercase and lowercase letters, numbers, special characters, etc.), or even requiring that the “generic” administrator account be deleted soon after the initial deployment of the solution. This additional stage will then make it possible to promote an ordinary user to a super-user, with credentials that will be harder to crack.
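The first-use flow described above (a forced change of the installation password, the complexity rule, then retiring the generic admin account), sketched as an added example that is not WALLIX's code or part of the original interview. The `Device` class, its method names, the admin/password defaults and the PBKDF2 storage are assumptions made for illustration.

```python
import hashlib, hmac, os, re

FACTORY_USER, FACTORY_PASSWORD = "admin", "password"  # constructed factory defaults

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def policy_errors(password):  # complexity rules from the text above that are not met
    rules = [(len(password) >= 8, "8 or more characters"),
             (re.search(r"[a-z]", password), "a lowercase letter"),
             (re.search(r"[A-Z]", password), "an uppercase letter"),
             (re.search(r"[0-9]", password), "a number"),
             (re.search(r"[^A-Za-z0-9]", password), "a special character")]
    return [msg for ok, msg in rules if not ok]

class Device:
    def __init__(self):
        self.accounts = {}  # name -> {salt, digest, is_super, must_change}
        self._store(FACTORY_USER, FACTORY_PASSWORD, is_super=True, must_change=True)

    def _store(self, user, password, is_super, must_change):
        salt = os.urandom(16)
        self.accounts[user] = dict(salt=salt, digest=_hash(password, salt),
                                   is_super=is_super, must_change=must_change)

    def _login(self, user, password, pending_ok=False):
        acct = self.accounts.get(user)
        if not acct or not hmac.compare_digest(acct["digest"], _hash(password, acct["salt"])):
            raise PermissionError("bad credentials")
        if acct["must_change"] and not pending_ok:  # the mandatory first-use step
            raise PermissionError("change the installation password first")
        return acct

    def change_password(self, user, old, new):
        acct, errors = self._login(user, old, pending_ok=True), policy_errors(new)
        if errors or new == old:
            raise ValueError("new password needs: " + ", ".join(errors or ["a new value"]))
        self._store(user, new, acct["is_super"], must_change=False)

    def add_user(self, user, password, name, temp_password):
        if name in self.accounts or not self._login(user, password)["is_super"]:
            raise PermissionError("needs a super-user and an unused name")
        self._store(name, temp_password, is_super=False, must_change=True)

    def retire_generic_admin(self, password, successor):
        self._login(FACTORY_USER, password)  # the gate applies here as well
        if self.accounts.get(successor, {"must_change": True})["must_change"]:
            raise ValueError("successor must exist and have set their own password")
        self.accounts[successor]["is_super"] = True  # promote the ordinary user ...
        del self.accounts[FACTORY_USER]              # ... then remove the generic account
```

Because the pending-change check lives in the shared login path, every feature added later inherits the gate instead of having to remember it.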