IoT security risks and benefits of IT convergence
Over the past few years, one of the major IT trends has been that of system convergence.
This trend is not just in relation to converged systems or hyperconverged systems, although that is certainly a part of it. Convergence points to a much larger trend that might be better described as “system standardization.”
This standardization takes many different forms. For example, many software vendors now make their applications cross-platform so that they can work on a variety of operating systems. Similarly, code libraries are seeing greater adoption than ever before, meaning that countless devices are being built with code from those libraries. Further, cloud computing platforms require this kind of system standardization to enable applications to be scalable, secure and interoperable in the .
As systems continue to converge, the convergence will inevitably introduce security challenges, but it will also create new opportunities.
The IoT Security Risks Posed by Convergence
The primary security challenge that is posed by widespread IT convergence is that vulnerabilities can be exploited at a much greater scale than ever before. Consider how bad actors have used the previously mentioned examples of convergence to increase the scale of their attacks.
Conventional wisdom has long held that if an application contains an exploitable vulnerability, an attacker could conceivably use that vulnerability to take control of a system that runs that application.
But what happens when application vendors begin releasing their applications on multiple platforms? It is at least plausible that an application-level vulnerability could potentially allow a malicious actor to successfully wage a multifront attack against every platform on which the application is designed to run. Of course the ability to conduct such an attack would depend greatly on the nature of the vulnerability.
The same concept also applies to the increasing use of code libraries. If a library includes an exploitable vulnerability, the vulnerability will presumably exist in any system that uses that particular code library.
To read the complete article, visit IoT World Today.