An Internet of Things software development kit should facilitate secure data transmission by passing along a unique identifier for the device, a secure access token or certificate and by creating an encrypted tunnel via TLS.
A mobile app must be its own fortress and never assume platforms are encrypted, authenticated, use VPN or require a PIN for security.
The recent distributed denial-of-service (DDoS) IoT attack against DNS is a wake up call to how fragile the Internet can be.
Rather than extending your entire network out to mobile devices via VPN, publish individual services through a web gateway or the cloud. Most remote employees gain access to Intranet resources through a virtual private network (VPN). Using 3rd party or built-in software, employees provide credentials and sometimes a smartcard to create a VPN tunnel. Once... Continue Reading →