In the past decade the Internet of Things has exploded. Cars, your refrigerator, your thermostat and even your vacuum cleaner have been connected to the Internet. It seems like nearly anything can be connected to the Internet nowadays making for an incredibly convenient life. Unfortunately what has been neglected for these devices in many cases is security and that has not gone unnoticed in today’s world where data breaches have become almost too commonplace. Those days may be about to end as the state of California has passed legislation requiring any smart device connected to the Internet of Things to have some sort of reasonable security with it.
Requirements Of The Bill
Starting in 2020 any smart device that connects to the Internet or can be accessed outside of a person’s LAN must have security features built in. The device must be equipped with a password or the user must be forced to set a password for the device on setup. This will eliminate generic passwords which can be easily guessed or obtained.
Considering that with enough know-how any device can be exploited and give an attacker entry to a network thus compromising that network this is a big first step. Your password could be your first or last line of defense and by making it harder to crack it makes an attacker’s job much, much harder. Most security experts have hailed this as a good first step.
A Good First Step?
As we all know the password is not the end-all-be-all of security. There are numerous other methods of authorization which could be in use with a device or potentially will be soon. The bill does not cover any of those forms, like say biometrics, which could leave holes in the security for criminals to exploit. Coverage of that may come down the line.
No National Standard?
Several attempts to pass security bills regarding the Internet of Things in the US Congress have never even made it to a vote but even those that have been introduced fall well short of the bill passed in California. Either way this will probably affect every American as chances are the devices that you have that are connected to the Internet of Things are probably sold in California and will be upgraded. We use several of these devices at Nicely Done Sites already.
You might laugh at this but this is a very serious issue. Hackers have compromised a smart refrigerator to be able to gain login credentials and even were able to compromise a business’s network security. That Roomba you have can be hacked to spy on you or a whole host of other things. Anything else that is smart, be it a light bulb or a security system can be hacked and tightening the security of these devices can only be helpful.