Lane Thames, Software Development Engineer and Security Researcher atTripwire:
“The Internet of Things (IoT) is exploding with many types of devices. Unfortunately, we don’t always know what a particular device is capable of doing. In this regard, physical security will need to evolve. Organizations who work with sensitive information will need to consider implementing a physical security policy. This policy will need to consider how to both vet and monitor devices that enter proximities where sensitive information is interacted with. There are a countless number of ways for miniature computing devices to enter our digital work zones along with a fast array of techniques these embedded systems can use to exfiltrate data within its sensory proximity. Looking for wireless signals is obviously a first choice, but other techniques making use of other sources such as thermal and acoustic signals exist too. As this portion of the industry evolves, industry standards for good physical security practices within the world of IoT will likely become common for even the smallest of organizations.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.