Internet of Things is one the biggest innovations of the IT industry but the connection between sensors and WLAN is subject to some security risks.
Internet of Things (IoT) is everywhere, a lot of objects are now connected to the internet via Wi-Fi: watches, house’s thermostats, pacemakers, doors, cars… IoT globally helps people in their everyday life, but it also implicates risks in data protection, as connected devices can be affected by malware or impersonated by hackers to steal personal data. That is why enterprises should set up strong security parameters and enforce their WLAN security.
The main problem of security about IoT comes from the smart objects themselves. In fact, these objects can easily be hacked or affected by malware. One solution to make it safer would be to configure each IoT sensor so that it connects only to secure and known SSIDs, with WPA2-enterprise authentication credentials. Eventually, the WLAN could be set to allow access only to known MAC addresses (or X.509 certificates).
This identification process would permit to protect networks against hackers, by avoiding impersonation (fake IoT sensors) by third parties.
The Wi-Fi Alliance is looking for solutions to improve the IoT sensor security without inhibiting the growth of the IoT over Wi-Fi. For example, the configuration of IoT devices is often done by someone with a smartphone, entering Wi-Fi credentials on the smartphone screen. Wi-Fi Alliance thinks that this model can be improved thanks to its vendor-independent DPP (Device Provisioning Protocol): the IoT device would be authenticated through an already-known user’s smartphone, while keeping credentials hidden from the user and secured.
Wi-Fi Alliance’s alternative is the Passpoint, a certification that guarantees network discovery and secured authentication: an access point doesn’t broadcast an SSID; instead, it communicates with a list of service providers and automatically authenticates authorized devices. But unfortunately, this standard is not widely deployed yet.