Home/ Blog/Posts Tagged "Internet of Things"

Internet of Things Device Security: Five Simple Steps (video)

Posted on:

Device security is a critical and complex step in designing an Internet of Things strategy. Digi’s Chief Technology Officer, Joel Young, discusses five critical areas of IoT security.

Cover these, and you’re on the right path:

  • secure boot
  • authentication
  • protected ports
  • storage
  • secure connections

In this five minute video, Joel shares which questions to ask and what steps to take in order to ensure strong IoT device security.

You can get the transcript of this video here, and learn more about Digi TrustFence here.

Endress+Hauser Chose Digi Connect Sensor+ Cellular Gateway for Inventory Management

Posted on:

Endress+Hauser, a manufacturer of instrumentation measurement technology for the process industry, looked to Digi to help develop a more robust inventory management system to take better advantage of the data from their flow, level, pressure and temperature measurement devices.

“We are serving the chemical industry, oil and gas, pharmaceutical, food and beverage, primaries and water and wastewater reserve-focused industries,” explains Thiemo Fichter, head of product management inventory management solutions, Endress+Hauser. “There, we can measure pretty much every process variable.”

Most customers were still in the manual inventory monitoring mode, unable to automate the replenishment process to get product when and where they needed it consistently. Digi Connect Sensor helped E+H collect and deliver the information customers needed to make more timely replenishment decisions.

“We provide this inventory information into the business process. Our customers can get everything out of one hand, from the sensor in the physical world via the connectivity of the data, converting this into information up to the level where we integrate this information into our customer’s business process, their ERP landscape.”

In the video below, Ficthter explains why Endress+Hauser chose Digi Connect Sensor+ Cellular Gateway

Learn more about Digi Connect® Sensor+ here >> 

5 Lessons Learned from the Mirai DDoS Attack

Posted on:

Security is always top of mind when it comes to IoT devices and applications. The recent Mirai DDoS attack in October 2016 is an important reminder that IoT device manufacturers—and consumers—need to be vigilant with security, both out of the box and at home.

Recently, Andrew Lund, Digi’s Product Marketing Manager for Wireless M2M and IoT, shared his thoughts with IoT Evolution on the Mirai attack and what lessons could be learned to help improve security for IoT devices and applications. Below is an excerpt of five of Andrew’s best practices from IoT Evolution’s piece, which you can read in full here.

  1. Change default passwords:
    Given the attack vector that Mirai used, it’s clear that one area Device OEMs can make design decisions to increase security is with respect to passwords. The days of leaving the default password unchanged are over, so manufacturers must either force users to change passwords or create a “default” passwords that are unique to each individual IoT device.
  2. Don’t allow insecure ingress protocols:
    Mirai malware contains “killer” scripts that remove other worms and Trojans, allowing Mirai to maximize its use of the infected host device. But Mirai also goes one step further and closes processes that are used for remote ingress attempts, like Telnet, SSH, and HTTP.
  3. Secure remote management tools:
    Efficient, cost-effective method of remotely monitoring, updating and managing connected devices. Users can set performance parameters for healthy devices and create reports and alarms for suspicious activity. Using a remote manager that incorporates PCI-DSS and other relevant security certifications in the cloud such as HIPAA and NIST allow users to define a device profile, assign the profile to all devices in a group, and monitor and auto-remediate any variances. The best remote management tools can also restrict incoming traffic to only allow SSL connections, eliminating unencrypted TCP connections.
  4. Firmware updates:
    Firmware updates must be completed securely (authentication) and automatically, or at a minimum, users must be notified/prompted when a new firmware update is available.
  5. Packet encryption:
    This consists of basic encryption, such as FIPS-197/AES, to protect messages from unauthorized viewing or malicious changes. This method is easy to implement and use, especially in conjunction with private keys.

TO LEARN MORE, READ THE FULL POST HERE >>

Big Data and IoT Team Up for the Gaming and Lottery Industries

Posted on:

Online gaming and virtual gambling have risen significantly due to increased mobile accessibility, social media, technology advancements and expanded internet connectivity. Big Data and the Internet of Things (IoT) are proving to be even more of a game changer for these industries by collecting large amounts of data, from a variety of gameplay data sources, while rapidly connecting and communicating to thousands of sites.

You may experience this IoT evolution when you are playing Words With Friends® on your smartphone with college classmates across the country, or when you play poker on your computer with complete strangers across the globe. Regardless of your gaming or gambling experience, we all know how critical real-time connection is when we are trying to win. Now translate those wins into $6 billion of revenue, and the stakes of rapid connectivity are significantly heightened like for the world’s largest slot machine manufacturer International Game Technology (IGT) . With more than 400,000 point-of-sale devices in 100 countries, watch the video below to learn why IGT turned to Digi TransPort® LTE wireless routers to keep those bets and wagers flowing:

The 10 Security Factors Every Device Designer Should Consider

Posted on:

The following is an excerpt from our recent whitepaper, IoT Device Security, Built-in, Not Bolt-on: The 10 Security Factors Every Device Designer Should Consider. This guide was written to help you navigate security consideration before they become threats, so you can get back to designing the best IoT product or application possible.

The Rising Tide of Security Threats

Limited only by designers’ imaginations, the Internet of Things (IoT) is changing how people live. From medical devices and fitness trackers to tank sensors, smart thermostats, intelligent streetlights, water monitors, and more, the IoT is in more places than ever.

However, by relying on wireless networks, those hundreds of millions of IoT devices present a greater “attack surface,” making them tempting frontline targets for competitors, hackers, disgruntled employees, and other bad actors. Unfortunately, the tools and techniques we’ve applied to PC/smartphone platforms often don’t work well in the IoT, for several reasons:

  • Resource Limitations – Small-footprint IoT devices typically have far less battery power, processing speed and memory. They lack the power and sophistication required to support traditional security measures.
  • Data Complacency – Many companies view the data in their IoT networks as mundane and having little intrinsic value outside the organization. But many breaches are motivated by other factors, such as competitive advantage, social status, or revenge. The data isn’t the goal – the hack is.
  • Availability of Tools– The tools and expertise to analyze and modify embedded/IoT devices are widely available – even to hobbyists.
  • No Physical Access Required– One of the advantages of the IoT is that devices can be remotely configured/upgraded without the need for dispatching a truck. However, thanks to wireless connections, hackers don’t need physical access to devices such as USB or other I/O ports.
  • Interface Differences– Embedded devices have no GUIs, and error messages can be as basic as a coded series of beeps or flashing lights. This is particularly true for security status and control functions allowing for security alarms to be overlooked.
  • Hardwired Ports– These provide unfortunate opportunities for compromise. IoT solutions can’t simply implement a strong password over a TLS connection – the most common approach for PC/Internet applications.

IoT solutions need a different approach and the effort required to identify and mitigate unique security risks in embedded systems is often underestimated, if not overlooked entirely.

>> To learn more, read the full whitepaper here.

3 Holiday DIY Internet of Things Projects

Posted on:

With Black Friday and Cyber Monday behind us, the holidays are officially in full swing. To help get you in the holiday spirit, we’ve curated some of our favorite connected creations that take holiday celebration to the next level.

Here are some of our favorite Internet of Things-powered projects to keep you occupied this holiday season.

Enjoy!

Internet of Things (IoT) meets the Internet of Holidays (IoH)

The OpenDNS Security Labs team took a look at IoT patterns throughout the holiday season and examines the patterns that emerged.

Internet of Things Christmas Tree

Make your own IoT Christmas tree with this handy how-to from our friends at Instructables!

The IoT Holiday Lights Project

Find out what Twitter, a Christmas tree, and minions all have in common with this clever IoT holiday project.


Have you seen a worthy holiday IoT project? Let us know in the comments below, and we’ll add it to the list!

Planet e: Electronica and the IOT

Posted on:

digiThe Digi team had a great time at Electronica 2016, a trade show that takes place every other year in Munich.

This year over 73,000 attendees and 2,800 exhibitors helped the event live up to its billing as “the best place to see the entire world of electronics here—on Planet e.”

But, what impressed us the most was the number of applications and topics, as the Internet of Things (IOT) is bringing innovations that permeate every industry and product category.

Exhibits covered topics ranging from automotive and industrial process control to consumer wearables and connected health. Embedded computing and integrated sensors along with ubiquitous connectivity are truly transforming every industry.

Here are a few creative ways we saw engineers using embedded computing and connectivity:

To learn more about how Digi can help make your product smarter and connected to the IOT click here.

IoT Smart Record Player

Posted on:

First time Digi XBee users, successfully created the Smart Record Player at the 2016 IoT Hack Day in Minneapolis, MN that was organized by IoT Fuse. This Clank, Clank, Clunk record player was created using “off the shelf parts” and “off the shelf technology” also known as the Digi XBee module and the Digi XBee Cloud. This allowed the hackers to solely focus on creating this master piece within the 12 hour time-frame.

The Clank, Clank, Clunk record player created by Ken Chang and his team using Digi XBee at the 2016 IoT Hack Day.

You can watch one of the creators, Ken Chang, explain the smart project in more detail and Get the full Clank! Clank! Clunk! story on Devpost

Contact a Digi expert and get started today! Contact Us
Have a Question?