IoT Security in the Developer's Mind

Internet-enabled smart devices open up a new universe of possibilities for how consumers interact with the world.  But those same smart lightbulbs or TVs may pose a serious threat if their designers fail to strengthen the devices’ security protocols.  Last year’s Mirai distributed denial-of-service (DDOS) botnet attack was a wake-up call for the computing world. By targeting vulnerable Internet-connected cameras and other Internet of Things (IoT) devices, the massive botnet was able to redirect enough Internet traffic to a DNS provider to crash multiple high-profile websites.

It is no surprise then that IoT developers worry more about security than anything else - including interoperability, connectivity, and hardware integration.  The Eclipse IoT Working Group’s 2017 IoT Developer Survey shows that security has remained the number one concern among developers for the third straight year.  And just last month, a survey conducted by the Trusted Computing Group showed that 85% of IoT developers include security in their design considerations.  But all that concern and mindshare hasn’t yet resulted in consistently secure designs. The TCG study also found that fewer than a third of developers build privacy protections into their devices, and fewer than half build in secure storage or secure boot.  Worse, more than 25% of developers say they still don't offer user authentication and over 45% fail to provide secure device identity. 

So when it comes to securing IoT devices, there’s clearly much work left to be done.  Intel® recognizes that a secure world requires locking down the embedded platforms that impact our day-to-day lives.  We’ve been working with the developer community to architect easier-to-use tools for making IoT security a reality.  Intel also provides a simple way to enable robust, end-to-end hardware protection for devices through our powerful IoT Platform Reference Architecture.

Check out the IoT developer survey


You are welcome to follow me on LinkedIn and Twitter (@RJEche) for future insights, industry best practices, and discussions.


For more complete information about compiler optimizations, see our Optimization Notice.