Multi-Factor Authentication Is Crucial for IoT Security

2023-02-21

关注

Multi-Factor Authentication Is Crucial for IoT Security — Illustration: © IoT For All

The billions of IoT (Internet of Things) devices that connect the world are streamlining everyday life. Health care, smart homes, and manufacturing firms are just some of the industries that benefit from the data collection and automation that IoT can provide. However, the more devices, the more chances hackers take to tamper with and steal sensitive data. That’s where multi-factor authentication in IoT comes in.

IoT devices are often connected to each other and, in turn, to the internet. If a hacker gains access to an unsecured IoT device, they could alter functionality for a whole host of devices. Hardware, software, and connectivity all need adequate security to protect devices and data from unauthorized forces.

“If a hacker gains access to an unsecured IoT device, they could alter functionality for a whole host of devices.”
-Zac Amos

In fact, a 2017 ransomware attack on Britain’s National Health Service affected IoT devices like MRI scanners, equipment, and computers, all placing patients at risk. Clearly, IoT security is critical for protecting data and lives across the world.

One way to achieve a fortified IoT connection is through multi-factor authentication (MFA), which requires various pieces of evidence to allow access to a device or network. This method is crucial for the future of IoT, whether it be in smart fridges or health monitoring devices.

Why Is Multi-Factor Authentication in IoT So Crucial?

Most passwords are either weak enough to be hacked or too complex to remember. With single-factor authentication, brute force attacks can knock these flimsy passwords out in seconds.

Many IoT devices are also more minimalistic than the typical smartphone, laptop, or tablet, so users cannot log onto these interfaces directly. Verification is key, as security depends on administrative actions to log on.

However, MFA is better at validating identity with specific evidence. Today, many banks, social media platforms, and health organizations require two-factor authentication (2FA) in the form of SMS codes and one-time passwords sent to the user’s phone. MFA works similarly but requires more than two pieces of evidence to authenticate. This is ideal for businesses or any organization that handles sensitive information.

MFA will gather evidence in four key areas to verify the identity of the user:

Knowledge that only the user would know, such as a password or pre-selected security question. For example, they may ask, “What was the name of your childhood pet?”
Possession of unique ownership like a key fob or card
Inherent biometric characteristics like fingerprints or retinal scan
Location and time of log on

With all these verification forms, it is much harder for hackers to succeed. Multi-factor authentication is known to protect against phishing, social engineering, key logging, and brute force attacks.

Tips for Implementing Multi-Factor Authentication in IoT

Though it’s clear that multi-factor authentication is critical to eliminating cyberattacks and building better security measures, only 57% of surveyed businesses used MFA to protect their devices. Implementing MFA is the best way to protect data and ward off cyberattacks, so companies can use these tried and tested methods for using MFA.

1. Incorporate Across the Board

Once multi-factor authentication is implemented into the IoT system, it’s best to incorporate it everywhere. IoT is often connected through the internet and similar networks, so don’t stop at securing heavy-duty and sensitive systems. Devices that aid in temperature control are just as important as heart monitors or electrical towers. If a hacker gains access to one, they may be able to travel to others on the network.

Extend the multi-factor upgrade beyond IoT as well. Google and PayPal are some of the big businesses incorporating MFA into payment services. This level of protection is ideal for everyday people and businesses alike to safeguard their finances and communications.

2. Try Auto-Generated SMS Codes

SMS codes are convenient and more secure than authentication emails. They require the user to have access to another trusted device like their smartphone, as well as the IoT device itself. It’s also a timely method. Codes are generated and sent to the trusted device within minutes so users can keep everyday routines on schedule. SMS-generated codes are one of the most popular methods of possession authentication and check all the boxes on simplicity and security.

3. Explore Biometric Scanning

Biometric scanning is a fascinating way for high-security businesses to verify a user down to their inherent biological traits. Behavioral biometrics analyze a person’s movements, such as keystrokes, gestures, and tone of voice. Physiological biometrics examine facial structure, fingerprints, and retinas. With cameras attached to IoT devices or at key checkpoints, these systems can verify multiple biological factors on a person without waiting for codes, scanning a card, or inputting a password.

While compelling and streamlined, biometric scans are expensive and better suited for highly sensitive operations.

4. Provide Employee Education

Educating employees on the power of MFA is vital to fortifying IoT security. If they need clarification on methods, updates, or the importance of safety, they could make lapses in judgment or accidentally leave room for security breaches.

Make sure there is an alert system enabled for employees as well. If one of their credentials is used without their knowledge, an automated alert can notify them and the proper security teams immediately. Placing security in their hands gives them greater responsibility and purpose for their MFA actions.

5. Keep it Straightforward

Ultimately, integrating MFA into IoT should be as streamlined as possible. Many organizations use various IoT-connected devices, so marking down codes and passwords hundreds of times a day is not conducive to a proper workday. To ease this burden, employers can require MFA apps like Google Authenticator.

MFA for the Future

IoT connects the world in a multitude of ways, so protecting its integrity is critical to the success of any organization or user. In an instant, a hacker could gain access and tamper with operations and data. But with the discerning power of multi-factor authentication in IoT, people can feel more confident in the security of their IoT devices far into the future.

Cybersecurity
IT and Security
Security

Cybersecurity
IT and Security
Security

参考译文

多因素身份验证对物联网安全至关重要

数十亿连接世界的IoT(物联网)设备正在简化日常生活。医疗保健、智能家居和制造公司只是受益于物联网可以提供的数据收集和自动化的一些行业。然而，设备越多，黑客篡改和窃取敏感数据的机会就越大。这就是物联网中的多因素身份验证的用武之地。物联网设备通常相互连接，进而连接到互联网。如果黑客获得了不安全物联网设备的访问权，他们就可以改变整个设备的功能。硬件、软件和连接都需要足够的安全性来保护设备和数据免受未经授权的攻击。“如果黑客获得了不安全物联网设备的访问权限，他们就可以改变整个设备的功能。”事实上，2017年针对英国国家医疗服务体系的勒索软件攻击影响了核磁共振扫描仪、设备和计算机等物联网设备，所有这些设备都将患者置于危险之中。显然，物联网安全对于保护世界各地的数据和生活至关重要。实现强化物联网连接的一种方法是通过多因素身份验证(MFA)，这需要各种证据来允许访问设备或网络。这种方法对物联网的未来至关重要，无论是在智能冰箱还是健康监测设备中。大多数密码要么太弱，容易被破解，要么太复杂，难以记住。使用单因素身份验证，暴力攻击可以在几秒钟内破坏这些脆弱的密码。许多物联网设备也比典型的智能手机、笔记本电脑或平板电脑更简约，因此用户无法直接登录到这些界面。验证是关键，因为安全性取决于登录的管理操作。然而，MFA更擅长用具体的证据来验证身份。如今，许多银行、社交媒体平台和卫生组织都要求以短信代码和一次性密码的形式发送到用户手机的双因素身份验证(2FA)。MFA的工作原理类似，但需要两个以上的证据来验证。这是处理敏感信息的企业或任何组织的理想选择。MFA将在四个关键领域收集证据，以验证用户的身份:有了所有这些验证表单，黑客成功的难度要大得多。众所周知，多因素身份验证可以防止网络钓鱼、社会工程、密钥记录和暴力攻击。虽然多因素身份验证对于消除网络攻击和建立更好的安全措施至关重要，但只有57%的受访企业使用MFA来保护他们的设备。实施MFA是保护数据和抵御网络攻击的最佳方法，因此公司可以使用这些经过试验和测试的方法来使用MFA。一旦多因素身份验证实现到物联网系统中，最好将其整合到所有地方。物联网通常通过互联网和类似网络连接，因此不要止步于保护重型和敏感系统。帮助控制体温的设备和心脏监测器或电子塔一样重要。如果黑客获得了访问权限，他们就可以访问网络上的其他用户。将多因素升级扩展到物联网之外。谷歌和PayPal是将MFA纳入支付服务的一些大公司。这种级别的保护对于普通人和企业来说都是理想的，可以保护他们的财务和通信。短信代码比认证电子邮件更方便、更安全。它们要求用户能够访问另一个受信任的设备，比如智能手机，以及物联网设备本身。这也是一个及时的方法。代码生成并在几分钟内发送到受信任的设备，这样用户就可以按计划进行日常工作。短信生成的代码是最流行的所有权认证方法之一，并在简单性和安全性方面进行所有检查。对于高安全性的企业来说，生物特征扫描是一种很有吸引力的方式，可以验证用户固有的生物特征。行为生物识别技术分析一个人的动作，如击键、手势和语调。生理生物识别技术检查面部结构、指纹和视网膜。通过将摄像头连接到物联网设备或关键检查点，这些系统可以验证一个人的多种生物因素，而无需等待代码、扫描卡片或输入密码。生物识别扫描虽然引人注目且简化，但价格昂贵，更适合于高度敏感的操作。教育员工了解MFA的力量对于加强物联网安全至关重要。如果他们需要说明方法、更新或安全的重要性，他们可能会在判断上出现失误，或意外地为安全漏洞留下空间。确保为员工设置了警报系统。如果他们的某个凭证在他们不知情的情况下被使用，自动警报会立即通知他们和适当的安全团队。把安全交到他们手中，使他们对自己的MFA行动负有更大的责任和目标。最终，将MFA集成到物联网中应该尽可能简化。许多组织使用各种物联网设备，因此每天记录数百次代码和密码不利于正常工作。为了减轻这种负担，雇主可以使用像谷歌Authenticator这样的MFA应用程序。物联网以多种方式连接着世界，因此保护其完整性对任何组织或用户的成功都至关重要。黑客可以在瞬间获得访问权限并篡改操作和数据。但随着物联网中多因素身份验证的识别能力，人们可以对未来物联网设备的安全性更有信心。

您觉得本篇内容如何

评分

声明：转载此文是出于传递更多信息之目的。若有来源标注错误或侵犯了您的合法权益，请与我们联系，我们将及时更正、删除，谢谢。