SlideShare uma empresa Scribd logo

Internet of Things Security

Thom. Poole
Thom. Poole

Security has been low on the agenda for many companies (hopefully, unintentionally), and as we enter the age of the Internet of Things (IoT) or Internet of Everything (IoE), security should be flawless. Thom Poole delivered a presentation on the issues and thinking around security for this new sector.

Tecnologia
1 de 17
© 2014 KlugTech www.klugtech.com Data Security Privacy – we need it, why don’t companies provide it? Thom Poole
 Chief Innovation Officer
© 2014 KlugTech www.klugtech.com State of Play •  The Internet of Things (IoT) is already here •  Connected devices talking to one another •  Ambient Intelligence (AmI) – making decisions •  Can be found in: •  Domestic •  Enterprise •  Transport (vehicles & networks) •  Healthcare •  Utilities •  Public sector •  Retail •  Education •  Cities & urban developments •  Agriculture © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Security 4 key factors •  Something you KNOW •  Something you ARE •  Something you DO •  Something you HAVE
© 2014 KlugTech www.klugtech.com Something you KNOW •  Password •  Username •  Personal details (mother’s maiden name, etc.) •  Contact details BUT: Once compromised, published or stolen – it cannot be used again Human’s are often sloppy in their security with this (reveal it readily, or
 use the same details for multiple sites) © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Something you ARE •  Biometrics – fingerprints, iris/retina scans, voice print, facial recognition, etc. BUT: once the data is digitised, it could be compromised. It can, however, not
 be easily faked (at the moment)
© 2014 KlugTech www.klugtech.com Something you DO •  Generally a gesture or tick BUT: Can easily be mimicked. Once the gesture is digitised, it could
 be compromised
© 2014 KlugTech www.klugtech.com Something you HAVE •  A device (mobile phone, key fob passcodes, etc.) •  A key •  An access app or programme © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Data Management •  People and companies entrust sensitive data to others, but if
 data management is insecure… •  Recent breaches include some big-name companies •  So who can you trust?
© 2014 KlugTech www.klugtech.com CRM •  Database driven marketing •  Stores all customer data, transactions •  Users can access all information, download, etc. •  Open to abuse © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Security Management •  Too trusting of people •  Rely on a single factor – Something you KNOW •  Intelligence is flawed •  Trust must be restored •  People have too much access to too much information, and have consistently proven themselves as a weak link. •  Over reliance on a password, which is required in full. Back up factors such as mother’s maiden name is also frequently asked, and too easy to get hold of. •  Machine intelligence is too easy to breach as it stands, and is therefore flawed.
© 2014 KlugTech www.klugtech.com Riskiest Employee Practices 1.  Accessing the Internet via unsecured wireless networks 2.  Failing to delete unnecessary but confidential information from computers 3.  Sharing passwords with others 4.  Using the same username/ passwords 5.  Using generic portable drives without proper encryption 6.  Leaving computers unattended & unsecured 7.  Failing to notify firm after loss of portable drives 8.  Failing to shield screens/ data when working in insecure areas 9.  Carrying/accessing unnecessary sensitive information 10.  Using personal devices to access company networks © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Swiss Banks •  Trusted ‘secret-keepers’ for decades •  Accounts were ‘numbers’ •  No recorded mass breaches •  Still have a good reputation Banking secrecy was enshrined in Swiss law since 1934 – and only amended in 2004. It could be argued that the amended view is not yet fully complied with.
© 2014 KlugTech www.klugtech.com Learn from the Secret-Keepers •  Have to KNOW your number •  Have to HAVE your key •  Have to HAVE some identity •  Have to KNOW which bank A single element was not enough… Why is it OK for the IT industry? © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Physical Security •  We can use a range of measures to keep people out, and/or away from sensitive data files and servers •  Why do all files need to be in one place (eggs & baskets!)? •  Why do individuals need access to ALL the information… ever? © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com Security Example Would you leave your car… •  On the highway •  With the keys •  Unlocked •  With the registration documents Datacentres are often know, or signposted Physical access can be overcome – in datacentres, physical access needed be on site, it can also be via the internet Data is often in unencrypted files – encryption is only involved in the transfer process Data is often stored together – so usernames, passwords, personal data, etc., are all grouped together, so even a minor breach could provide a complete view of a customer or group of customers
© 2014 KlugTech www.klugtech.com What’s Stopping You? •  Take security seriously •  Split up your databases •  Use encrypted, multi-point security •  Limit data access •  Keep parts of your system clean & free from all outside influences •  Work with your customers © 2014 KlugTech www.klugtech.com
© 2014 KlugTech www.klugtech.com KlugTech •  KlugTech was created to address the usability and security of the Internet of Things •  We have created a modular approach to securing your systems, but a single, safe interface •  Domestic Solutions •  Enterprise Solutions •  Transport Solutions •  Healthcare Solutions •  Public Sector Solutions •  Smart Power Solutions •  Retail Solutions •  Delivery/Logistic Solutions •  Education Solutions •  Smart City Solutions •  Agricultural Solutions •  Security Solutions www.klugtech.com

Recomendados

Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
You cant secure yesterday
You cant secure yesterdayYou cant secure yesterday
You cant secure yesterdayNetDef
 
Not IF, but WHEN
Not IF, but WHENNot IF, but WHEN
Not IF, but WHENMichael Scheidell
 
20190523 Breach Notification Wizard: Lessons in Knowledge Management!
20190523 Breach Notification Wizard: Lessons in Knowledge Management!20190523 Breach Notification Wizard: Lessons in Knowledge Management!
20190523 Breach Notification Wizard: Lessons in Knowledge Management!3Lions Publishing, Inc.
 
Oper8 document management solution v2.0
Oper8 document management solution v2.0Oper8 document management solution v2.0
Oper8 document management solution v2.0Tony Riley
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessMike Brannon
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsMichael Scheidell
 

Recomendados

Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
You cant secure yesterday
You cant secure yesterdayYou cant secure yesterday
You cant secure yesterdayNetDef
 
Not IF, but WHEN
Not IF, but WHENNot IF, but WHEN
Not IF, but WHENMichael Scheidell
 
20190523 Breach Notification Wizard: Lessons in Knowledge Management!
20190523 Breach Notification Wizard: Lessons in Knowledge Management!20190523 Breach Notification Wizard: Lessons in Knowledge Management!
20190523 Breach Notification Wizard: Lessons in Knowledge Management!3Lions Publishing, Inc.
 
Oper8 document management solution v2.0
Oper8 document management solution v2.0Oper8 document management solution v2.0
Oper8 document management solution v2.0Tony Riley
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessMike Brannon
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsMichael Scheidell
 
uLaw Security Simplified - Whitepaper
uLaw Security Simplified - WhitepaperuLaw Security Simplified - Whitepaper
uLaw Security Simplified - WhitepaperuLawPractice Jillian Lim
 
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Michael Scheidell
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
A Brave New World
A Brave New WorldA Brave New World
A Brave New WorldSensePost
 
Traklight | 85 Broads How to Prepare for Funding | IP
Traklight | 85 Broads How to Prepare for Funding | IPTraklight | 85 Broads How to Prepare for Funding | IP
Traklight | 85 Broads How to Prepare for Funding | IPTraklight.com
 
Privacies are Coming
Privacies are ComingPrivacies are Coming
Privacies are ComingErnest Staats
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updatedAdvent IM Ltd
 
Interview With Eric Vanderburg, Cyber Security & Privacy Expert
Interview With Eric Vanderburg, Cyber Security & Privacy ExpertInterview With Eric Vanderburg, Cyber Security & Privacy Expert
Interview With Eric Vanderburg, Cyber Security & Privacy ExpertMuhammad Khan
 
Network nags - when security fails
Network nags - when security failsNetwork nags - when security fails
Network nags - when security failsRishabh Dangwal
 
Securing your Data, Reporting Recommended Practices
Securing your Data, Reporting Recommended PracticesSecuring your Data, Reporting Recommended Practices
Securing your Data, Reporting Recommended PracticesJohn Martin
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Introducing Security Guardian from ExactTrak
Introducing Security Guardian from ExactTrakIntroducing Security Guardian from ExactTrak
Introducing Security Guardian from ExactTrakSimon Cuthbert
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...James Mulhern
 
How & Why SME's Go On The Internet
How & Why SME's Go On The InternetHow & Why SME's Go On The Internet
How & Why SME's Go On The InternetThom. Poole
 
AM Briefing: Security for the internet of things
AM Briefing: Security for the internet of things AM Briefing: Security for the internet of things
AM Briefing: Security for the internet of things Defence and Security Accelerator
 
Security in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) EcosystemSecurity in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) Ecosystemrahulbindra
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things SecurityTutun Juhana
 
PCI DSS en la Nube
PCI DSS en la NubePCI DSS en la Nube
PCI DSS en la NubeInternet Security Auditors
 
Hardware Security
Hardware SecurityHardware Security
Hardware SecurityMani Rathnam
 
Enabling embedded security for the Internet of Things
Enabling embedded security for the Internet of ThingsEnabling embedded security for the Internet of Things
Enabling embedded security for the Internet of Thingsteam-WIBU
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTUniversity of Ontario Institute of Technology (UOIT)
 

Mais conteúdo relacionado

Mais procurados

Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Michael Scheidell
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
A Brave New World
A Brave New WorldA Brave New World
A Brave New WorldSensePost
 
Traklight | 85 Broads How to Prepare for Funding | IP
Traklight | 85 Broads How to Prepare for Funding | IPTraklight | 85 Broads How to Prepare for Funding | IP
Traklight | 85 Broads How to Prepare for Funding | IPTraklight.com
 
Privacies are Coming
Privacies are ComingPrivacies are Coming
Privacies are ComingErnest Staats
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updatedAdvent IM Ltd
 
Interview With Eric Vanderburg, Cyber Security & Privacy Expert
Interview With Eric Vanderburg, Cyber Security & Privacy ExpertInterview With Eric Vanderburg, Cyber Security & Privacy Expert
Interview With Eric Vanderburg, Cyber Security & Privacy ExpertMuhammad Khan
 
Network nags - when security fails
Network nags - when security failsNetwork nags - when security fails
Network nags - when security failsRishabh Dangwal
 
Securing your Data, Reporting Recommended Practices
Securing your Data, Reporting Recommended PracticesSecuring your Data, Reporting Recommended Practices
Securing your Data, Reporting Recommended PracticesJohn Martin
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Introducing Security Guardian from ExactTrak
Introducing Security Guardian from ExactTrakIntroducing Security Guardian from ExactTrak
Introducing Security Guardian from ExactTrakSimon Cuthbert
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...James Mulhern
 

Mais procurados (13)

uLaw Security Simplified - Whitepaper
uLaw Security Simplified - WhitepaperuLaw Security Simplified - Whitepaper
uLaw Security Simplified - Whitepaper
 
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
 
A Brave New World
A Brave New WorldA Brave New World
A Brave New World
 
Traklight | 85 Broads How to Prepare for Funding | IP
Traklight | 85 Broads How to Prepare for Funding | IPTraklight | 85 Broads How to Prepare for Funding | IP
Traklight | 85 Broads How to Prepare for Funding | IP
 
Privacies are Coming
Privacies are ComingPrivacies are Coming
Privacies are Coming
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updated
 
Interview With Eric Vanderburg, Cyber Security & Privacy Expert
Interview With Eric Vanderburg, Cyber Security & Privacy ExpertInterview With Eric Vanderburg, Cyber Security & Privacy Expert
Interview With Eric Vanderburg, Cyber Security & Privacy Expert
 
Network nags - when security fails
Network nags - when security failsNetwork nags - when security fails
Network nags - when security fails
 
Securing your Data, Reporting Recommended Practices
Securing your Data, Reporting Recommended PracticesSecuring your Data, Reporting Recommended Practices
Securing your Data, Reporting Recommended Practices
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloud
 
Introducing Security Guardian from ExactTrak
Introducing Security Guardian from ExactTrakIntroducing Security Guardian from ExactTrak
Introducing Security Guardian from ExactTrak
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...
 

Destaque

How & Why SME's Go On The Internet
How & Why SME's Go On The InternetHow & Why SME's Go On The Internet
How & Why SME's Go On The InternetThom. Poole
 
Security in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) EcosystemSecurity in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) Ecosystemrahulbindra
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things SecurityTutun Juhana
 
Enabling embedded security for the Internet of Things
Enabling embedded security for the Internet of ThingsEnabling embedded security for the Internet of Things
Enabling embedded security for the Internet of Thingsteam-WIBU
 
RootedCon 2017 - Workshop: IoT Insecurity of Things?
RootedCon 2017 - Workshop: IoT Insecurity of Things?RootedCon 2017 - Workshop: IoT Insecurity of Things?
RootedCon 2017 - Workshop: IoT Insecurity of Things?Internet Security Auditors
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Ahmed Mohamed Mahmoud
 
The competitive landscape of the Internet of Things
The competitive landscape of the Internet of ThingsThe competitive landscape of the Internet of Things
The competitive landscape of the Internet of ThingsIoTAnalytics
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefBill Chamberlin
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gMohan Kumar G
 

Destaque (16)

How & Why SME's Go On The Internet
How & Why SME's Go On The InternetHow & Why SME's Go On The Internet
How & Why SME's Go On The Internet
 
AM Briefing: Security for the internet of things
AM Briefing: Security for the internet of things AM Briefing: Security for the internet of things
AM Briefing: Security for the internet of things
 
Security in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) EcosystemSecurity in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) Ecosystem
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things Security
 
PCI DSS en la Nube
PCI DSS en la NubePCI DSS en la Nube
PCI DSS en la Nube
 
Hardware Security
Hardware SecurityHardware Security
Hardware Security
 
Enabling embedded security for the Internet of Things
Enabling embedded security for the Internet of ThingsEnabling embedded security for the Internet of Things
Enabling embedded security for the Internet of Things
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
RootedCon 2017 - Workshop: IoT Insecurity of Things?
RootedCon 2017 - Workshop: IoT Insecurity of Things?RootedCon 2017 - Workshop: IoT Insecurity of Things?
RootedCon 2017 - Workshop: IoT Insecurity of Things?
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"
 
The competitive landscape of the Internet of Things
The competitive landscape of the Internet of ThingsThe competitive landscape of the Internet of Things
The competitive landscape of the Internet of Things
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
 

Semelhante a Internet of Things Security

Secure CRM Management
Secure CRM ManagementSecure CRM Management
Secure CRM ManagementThom. Poole
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsAndrew S. Baker (ASB)
 
Windstream Cloud Security Presentation
Windstream Cloud Security PresentationWindstream Cloud Security Presentation
Windstream Cloud Security PresentationIdeba
 
Jms secure data presentation
Jms secure data presentationJms secure data presentation
Jms secure data presentationJMS Secure Data
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
[Austria] Security by Design
[Austria] Security by Design[Austria] Security by Design
[Austria] Security by DesignOWASP EEE
 
How to Manage the Great BlackBerry Migration
How to Manage the Great BlackBerry MigrationHow to Manage the Great BlackBerry Migration
How to Manage the Great BlackBerry MigrationTroy C. Fulton
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
Five Best Practices for Maximizing Mobility Benefits
Five Best Practices for Maximizing Mobility Benefits Five Best Practices for Maximizing Mobility Benefits
Five Best Practices for Maximizing Mobility Benefits United Technology Group (UTG)
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online PrivacyKazi Sarwar Hossain
 
How Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-UsersHow Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-UsersWSO2
 
Google FIDO Authentication Case Study
Google FIDO Authentication Case StudyGoogle FIDO Authentication Case Study
Google FIDO Authentication Case StudyFIDO Alliance
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud
 
The Connected World
The Connected WorldThe Connected World
The Connected WorldThom. Poole
 
Don't Diligence Information Security for Lawyers
Don't Diligence Information Security for LawyersDon't Diligence Information Security for Lawyers
Don't Diligence Information Security for Lawyersdarrentthurston
 
Lock it or Lose It: Why Every Company Should be Concerned About Data Security
Lock it or Lose It: Why Every Company Should be Concerned About Data SecurityLock it or Lose It: Why Every Company Should be Concerned About Data Security
Lock it or Lose It: Why Every Company Should be Concerned About Data SecuritySmartCompliance
 

Semelhante a Internet of Things Security (20)

Secure CRM Management
Secure CRM ManagementSecure CRM Management
Secure CRM Management
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and Tools
 
Windstream Cloud Security Presentation
Windstream Cloud Security PresentationWindstream Cloud Security Presentation
Windstream Cloud Security Presentation
 
Jms secure data presentation
Jms secure data presentationJms secure data presentation
Jms secure data presentation
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)
 
[Austria] Security by Design
[Austria] Security by Design[Austria] Security by Design
[Austria] Security by Design
 
Secure End User
Secure End UserSecure End User
Secure End User
 
Team black
Team blackTeam black
Team black
 
How to Manage the Great BlackBerry Migration
How to Manage the Great BlackBerry MigrationHow to Manage the Great BlackBerry Migration
How to Manage the Great BlackBerry Migration
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 
Five Best Practices for Maximizing Mobility Benefits
Five Best Practices for Maximizing Mobility Benefits Five Best Practices for Maximizing Mobility Benefits
Five Best Practices for Maximizing Mobility Benefits
 
3 steps security
3 steps security3 steps security
3 steps security
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online Privacy
 
How Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-UsersHow Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-Users
 
Google FIDO Authentication Case Study
Google FIDO Authentication Case StudyGoogle FIDO Authentication Case Study
Google FIDO Authentication Case Study
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101
 
The Connected World
The Connected WorldThe Connected World
The Connected World
 
Don't Diligence Information Security for Lawyers
Don't Diligence Information Security for LawyersDon't Diligence Information Security for Lawyers
Don't Diligence Information Security for Lawyers
 
Lock it or Lose It: Why Every Company Should be Concerned About Data Security
Lock it or Lose It: Why Every Company Should be Concerned About Data SecurityLock it or Lose It: Why Every Company Should be Concerned About Data Security
Lock it or Lose It: Why Every Company Should be Concerned About Data Security
 

Mais de Thom. Poole

Amersham on the Hill
Amersham on the HillAmersham on the Hill
Amersham on the HillThom. Poole
 
Customer Satisfaction
Customer SatisfactionCustomer Satisfaction
Customer SatisfactionThom. Poole
 
Is the Smart Home fit for purpose?
Is the Smart Home fit for purpose? Is the Smart Home fit for purpose?
Is the Smart Home fit for purpose? Thom. Poole
 
Connected Cars - Do we need them?
Connected Cars - Do we need them?Connected Cars - Do we need them?
Connected Cars - Do we need them?Thom. Poole
 
Day in the Life of a Senior Marketer
Day in the Life of a Senior MarketerDay in the Life of a Senior Marketer
Day in the Life of a Senior MarketerThom. Poole
 
Getting Recruited into Marketing Roles
Getting Recruited into Marketing RolesGetting Recruited into Marketing Roles
Getting Recruited into Marketing RolesThom. Poole
 
Speed in Digital Marketing (Arabic)
Speed in Digital Marketing (Arabic)Speed in Digital Marketing (Arabic)
Speed in Digital Marketing (Arabic)Thom. Poole
 
L'argumentation commercial pour la vitesse dans le marketing numérique
L'argumentation commercial pour la vitesse dans le marketing numériqueL'argumentation commercial pour la vitesse dans le marketing numérique
L'argumentation commercial pour la vitesse dans le marketing numériqueThom. Poole
 
Der Business-Case für Beschleunigung im digitalen Marketing
Der Business-Case für Beschleunigung im digitalen MarketingDer Business-Case für Beschleunigung im digitalen Marketing
Der Business-Case für Beschleunigung im digitalen MarketingThom. Poole
 
Speed in digital marketing en
Speed in digital marketing enSpeed in digital marketing en
Speed in digital marketing enThom. Poole
 
Marketing Bootcamp
Marketing BootcampMarketing Bootcamp
Marketing BootcampThom. Poole
 
The Business Case for CRM
The Business Case for CRMThe Business Case for CRM
The Business Case for CRMThom. Poole
 
CIM CRM Workshop
CIM CRM WorkshopCIM CRM Workshop
CIM CRM WorkshopThom. Poole
 
Managing Business Customers on the Web
Managing Business Customers on the WebManaging Business Customers on the Web
Managing Business Customers on the WebThom. Poole
 
Trust and the marketing art of the opt-in
Trust and the marketing art of the opt-inTrust and the marketing art of the opt-in
Trust and the marketing art of the opt-inThom. Poole
 
Financing your business
Financing your businessFinancing your business
Financing your businessThom. Poole
 

Mais de Thom. Poole (20)

Amersham on the Hill
Amersham on the HillAmersham on the Hill
Amersham on the Hill
 
Customer Satisfaction
Customer SatisfactionCustomer Satisfaction
Customer Satisfaction
 
Entrepreneur
EntrepreneurEntrepreneur
Entrepreneur
 
Is the Smart Home fit for purpose?
Is the Smart Home fit for purpose? Is the Smart Home fit for purpose?
Is the Smart Home fit for purpose?
 
Connected Cars - Do we need them?
Connected Cars - Do we need them?Connected Cars - Do we need them?
Connected Cars - Do we need them?
 
Day in the Life of a Senior Marketer
Day in the Life of a Senior MarketerDay in the Life of a Senior Marketer
Day in the Life of a Senior Marketer
 
Getting Recruited into Marketing Roles
Getting Recruited into Marketing RolesGetting Recruited into Marketing Roles
Getting Recruited into Marketing Roles
 
Speed in Digital Marketing (Arabic)
Speed in Digital Marketing (Arabic)Speed in Digital Marketing (Arabic)
Speed in Digital Marketing (Arabic)
 
L'argumentation commercial pour la vitesse dans le marketing numérique
L'argumentation commercial pour la vitesse dans le marketing numériqueL'argumentation commercial pour la vitesse dans le marketing numérique
L'argumentation commercial pour la vitesse dans le marketing numérique
 
Der Business-Case für Beschleunigung im digitalen Marketing
Der Business-Case für Beschleunigung im digitalen MarketingDer Business-Case für Beschleunigung im digitalen Marketing
Der Business-Case für Beschleunigung im digitalen Marketing
 
Speed in digital marketing en
Speed in digital marketing enSpeed in digital marketing en
Speed in digital marketing en
 
Publish a book
Publish a bookPublish a book
Publish a book
 
Marketing Bootcamp
Marketing BootcampMarketing Bootcamp
Marketing Bootcamp
 
The Business Case for CRM
The Business Case for CRMThe Business Case for CRM
The Business Case for CRM
 
The CRM Jungle
The CRM JungleThe CRM Jungle
The CRM Jungle
 
CIM CRM Workshop
CIM CRM WorkshopCIM CRM Workshop
CIM CRM Workshop
 
Managing Business Customers on the Web
Managing Business Customers on the WebManaging Business Customers on the Web
Managing Business Customers on the Web
 
Trust and the marketing art of the opt-in
Trust and the marketing art of the opt-inTrust and the marketing art of the opt-in
Trust and the marketing art of the opt-in
 
Mobile Mastery
Mobile MasteryMobile Mastery
Mobile Mastery
 
Financing your business
Financing your businessFinancing your business
Financing your business
 

Último

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Último (20)

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 

Internet of Things Security

  • 1. © 2014 KlugTech www.klugtech.com Data Security Privacy – we need it, why don’t companies provide it? Thom Poole
 Chief Innovation Officer
  • 2. © 2014 KlugTech www.klugtech.com State of Play •  The Internet of Things (IoT) is already here •  Connected devices talking to one another •  Ambient Intelligence (AmI) – making decisions •  Can be found in: •  Domestic •  Enterprise •  Transport (vehicles & networks) •  Healthcare •  Utilities •  Public sector •  Retail •  Education •  Cities & urban developments •  Agriculture © 2014 KlugTech www.klugtech.com
  • 3. © 2014 KlugTech www.klugtech.com Security 4 key factors •  Something you KNOW •  Something you ARE •  Something you DO •  Something you HAVE
  • 4. © 2014 KlugTech www.klugtech.com Something you KNOW •  Password •  Username •  Personal details (mother’s maiden name, etc.) •  Contact details BUT: Once compromised, published or stolen – it cannot be used again Human’s are often sloppy in their security with this (reveal it readily, or
 use the same details for multiple sites) © 2014 KlugTech www.klugtech.com
  • 5. © 2014 KlugTech www.klugtech.com Something you ARE •  Biometrics – fingerprints, iris/retina scans, voice print, facial recognition, etc. BUT: once the data is digitised, it could be compromised. It can, however, not
 be easily faked (at the moment)
  • 6. © 2014 KlugTech www.klugtech.com Something you DO •  Generally a gesture or tick BUT: Can easily be mimicked. Once the gesture is digitised, it could
 be compromised
  • 7. © 2014 KlugTech www.klugtech.com Something you HAVE •  A device (mobile phone, key fob passcodes, etc.) •  A key •  An access app or programme © 2014 KlugTech www.klugtech.com
  • 8. © 2014 KlugTech www.klugtech.com Data Management •  People and companies entrust sensitive data to others, but if
 data management is insecure… •  Recent breaches include some big-name companies •  So who can you trust?
  • 9. © 2014 KlugTech www.klugtech.com CRM •  Database driven marketing •  Stores all customer data, transactions •  Users can access all information, download, etc. •  Open to abuse © 2014 KlugTech www.klugtech.com
  • 10. © 2014 KlugTech www.klugtech.com Security Management •  Too trusting of people •  Rely on a single factor – Something you KNOW •  Intelligence is flawed •  Trust must be restored •  People have too much access to too much information, and have consistently proven themselves as a weak link. •  Over reliance on a password, which is required in full. Back up factors such as mother’s maiden name is also frequently asked, and too easy to get hold of. •  Machine intelligence is too easy to breach as it stands, and is therefore flawed.
  • 11. © 2014 KlugTech www.klugtech.com Riskiest Employee Practices 1.  Accessing the Internet via unsecured wireless networks 2.  Failing to delete unnecessary but confidential information from computers 3.  Sharing passwords with others 4.  Using the same username/ passwords 5.  Using generic portable drives without proper encryption 6.  Leaving computers unattended & unsecured 7.  Failing to notify firm after loss of portable drives 8.  Failing to shield screens/ data when working in insecure areas 9.  Carrying/accessing unnecessary sensitive information 10.  Using personal devices to access company networks © 2014 KlugTech www.klugtech.com
  • 12. © 2014 KlugTech www.klugtech.com Swiss Banks •  Trusted ‘secret-keepers’ for decades •  Accounts were ‘numbers’ •  No recorded mass breaches •  Still have a good reputation Banking secrecy was enshrined in Swiss law since 1934 – and only amended in 2004. It could be argued that the amended view is not yet fully complied with.
  • 13. © 2014 KlugTech www.klugtech.com Learn from the Secret-Keepers •  Have to KNOW your number •  Have to HAVE your key •  Have to HAVE some identity •  Have to KNOW which bank A single element was not enough… Why is it OK for the IT industry? © 2014 KlugTech www.klugtech.com
  • 14. © 2014 KlugTech www.klugtech.com Physical Security •  We can use a range of measures to keep people out, and/or away from sensitive data files and servers •  Why do all files need to be in one place (eggs & baskets!)? •  Why do individuals need access to ALL the information… ever? © 2014 KlugTech www.klugtech.com
  • 15. © 2014 KlugTech www.klugtech.com Security Example Would you leave your car… •  On the highway •  With the keys •  Unlocked •  With the registration documents Datacentres are often know, or signposted Physical access can be overcome – in datacentres, physical access needed be on site, it can also be via the internet Data is often in unencrypted files – encryption is only involved in the transfer process Data is often stored together – so usernames, passwords, personal data, etc., are all grouped together, so even a minor breach could provide a complete view of a customer or group of customers
  • 16. © 2014 KlugTech www.klugtech.com What’s Stopping You? •  Take security seriously •  Split up your databases •  Use encrypted, multi-point security •  Limit data access •  Keep parts of your system clean & free from all outside influences •  Work with your customers © 2014 KlugTech www.klugtech.com
  • 17. © 2014 KlugTech www.klugtech.com KlugTech •  KlugTech was created to address the usability and security of the Internet of Things •  We have created a modular approach to securing your systems, but a single, safe interface •  Domestic Solutions •  Enterprise Solutions •  Transport Solutions •  Healthcare Solutions •  Public Sector Solutions •  Smart Power Solutions •  Retail Solutions •  Delivery/Logistic Solutions •  Education Solutions •  Smart City Solutions •  Agricultural Solutions •  Security Solutions www.klugtech.com