Chapter 5: IoT Security: Securing the Future of Connectivity

Technological advancements have created a communication environment that is seemingly limitless, thanks largely to the concept of the Internet of things (IoT). Communication devices, endpoints, and everyday appliances are now connected seamlessly to networks, cloud servers, and other endpoints around the globe, making it easier to communicate and engage with technologically advanced appliances. IoT technology is highly prevalent in healthcare, leading several other industries in implementation and advancement (Malhotra et al., 2021). Patel and Patel (2016) describe the IoT as the concept of everyday things autonomously sharing information and connecting to the Internet through connections with public or private Internet protocol (IP) networks. The IoT concept and the data within this concept continue to evolve, become more technologically advanced and increasingly more complicated to protect.

Data-centric technologies play a fundamental role in the security and privacy of IoT as perimeter-less architectures, such as those in the zero trust security model, and are now considered the new norm. Security and privacy solutions must be defined and enacted at the data level, not over-relying on the security of any given environment. Well-defined, properly implemented, actively managed, and (preferably) automatically executed identity and access management (IAM) policies are required for enabling secure communication between IoT devices. The right operational balance between cloud, fog, and edge computing and compliance with several privacy regulations are rapidly becoming strong requirements for secure, efficient, and interoperable solutions. The question then becomes, how do we protect these highly important and sensitive data from malicious cyber-actors and data-loss events?