If smart devices can talk to each other, they can be hacked. In the last few years, cybercriminals have accessed devices connected through the Internet of Things to commit crimes such as shutting down the heat to a building and slowing a university network to a crawl.
A recent report from Gartner shows that worldwide spending to secure the IoT — the network of interconnected devices embedded with computing and communication technology — will be $1.5 billion in 2018, up from $1.2 billion last year. Because of the increasing role that the IoT plays on college campuses, IT professionals need tools and strategies to face this growing challenge.
Researchers Aim to Increase Security in Smart Devices
The IoT era is well underway in higher education, from wireless speakers in student residence halls to interactive whiteboards in classrooms. At the University of Nebraska, Print IT kiosks let users print from any application and any device. The University of Southern California is studying how cameras and wearable sensors can create personalized learning experiences.
But an increase in connected devices requires a corresponding jump in security. Many smart devices lack robust security protocols, making them vulnerable to security breaches such as distributed denial of service attacks, eavesdropping and data theft, according to an article in Computer Communications.
To help solve this issue, researchers at Carnegie Mellon University are leading a team of colleagues from the universities of Cornell, Stanford and Illinois at Urbana-Champaign to create GIoTTO, a universal platform that standardizes smart device app development while incorporating privacy and security controls.
Strategies Help IT Manage Network Exposure
While GIoTTO may become a safer platform for tomorrow’s IoT, today’s devices still present a fair amount of risk. Gartner’s Ruggero Contu says that institutions must pay more attention to the devices and providers they put on the network.
“Coordination via common architecture or a consistent security strategy is all but absent,” Contu says in a Gartner press release. “And vendor product and service selection remain largely ad hoc.”
In the short term, that means IoT security solutions need to be fully integrated into the larger technology ecosystem. In its review of the IoT in higher education, experts interviewed by EDUCAUSE encourage university IT staff to thoroughly vet all connected campus devices, from ID-card readers to thermostats, to ensure they have the necessary security features and the ability to control access.
It’s harder to screen devices that students and staff may bring to campus, but institutions are tackling that issue the same way many businesses do. Mike Chapple, associate teaching professor of IT, analytics and operations at the University of Notre Dame’s Mendoza College of Business, recommends segmenting the network so that if unknown devices are connected to the campus network, they are separated from all other devices, computers and data.
“Network segmentation is one of the strongest controls in the security arsenal,” Chapple writes for EdTech. “Placing IoT devices on a tightly controlled network reduces the risk that they will become compromised and limits the damage they can cause if compromised.”
The number of IoT devices is expected to reach more than 46 billion in 2021, according to Juniper Research, with a 24 percent annual growth rate in the industrial and public service sectors. As the prevalence of the IoT spreads, higher education has the opportunity to lead the way in developing technology and strategies to keep devices and data secure.