Top Tips: Avoiding the security pitfalls of shoddy application development

How to avoid the security pitfalls of shoddy application development – and safeguard your reputation

Paddy Srinivasan is the vice president of Products at Xively where he is responsible for product management and product development of the Xively IoT enterprise application. He previously led the Customer Engagement Products at LogMeIn including Rescue and BoldChat. Prior to joining LogMeIn, Srinivasan built two successful cloud startups Opstera & Cumulux in Cloud Operations Management and Cloud Deployment domains. Previously he held leadership roles at Microsoft (in Office and .NET teams) and Oracle (Mobile Embedded Databases) in Product & Engineering management.

Paddy shares his top tips on how to avoid the security pitfalls of shoddy application development – and safeguard your reputation.

As we approach 2016, there are few restrictions to the kinds of connected features which can be added to both consumer and commercial products and the Internet of Things has become an innovation arms race. As developers fight for our attention, one thing has become clear: just because you can make a ‘dumb’ device ‘smart’, doesn’t mean you should.

Security failures in the IoT can often be traced back to poor decisions made at the application development phase. There is already mounting evidence that hasty application development and ill-thought-out design are too often the norm rather than the anomaly. In early 2014, security firm Proofpoint issued a report that claimed more than 100,000 consumer devices had been used to send 750,000 malicious emails and online attacks, including the now notorious spamming refrigerator.

To avoid shipping products with features and applications that are severely constrained, fail to work as advertised or that are unstable, developers should use the following tips as a basis for securing smart devices at application level:

Know that criminals will attack your connected products, and design with that in mind - It’s surprising how many app developers rely on a ‘numbers game’ for protection against hackers. ‘Security through obscurity’ is a risky strategy – it’s never wise to assume you’re not interesting enough for criminals. Design your products with the assumption they will be forensically deconstructed and examined.

Don’t be tempted by security shortcuts such as weak authentication requirements, embedded private keys or hard coded administrative accounts. Saving time might seem like it’s worth the risk, but there’s a fine line between a globally deployed IoT ecosystem and a worldwide botnet with your name on it.

Weigh the pros of “connected” features against the cons of the security holes they open up - Connected products – whether a car, CCTV camera or medical device – will always rely on some kind of software to manage tasks, as well as communicate. Securing this software requires a focused effort from the very outset of development. Assessing the privacy and security implications will change the cost-benefit calculation, and the cost of securing a feature could end up outweighing the benefits of that feature. However, it’s better to find out these costs in advance than to bear the costs associated with an insecure or exploitable feature once the product has been deployed.

Screen supply chain partners closely, make sure contracts and service provider agreements protect you - Chasing down the ghosts in your supply chain is a monumental task. That’s especially true for smaller firms, who have enough keeping staff busy in order to get a product to market. However, companies can insulate themselves from supply chain risks. Experts advise companies to pay special attention to any third party or supply chain partner who has access to sensitive data or assets on your networks. These partners should be managed using conventional “least privilege” principles to keep them from gaining access to IT assets in excess of what they need.

Take steps to make IoT devices secure in deployment - Do yourself a favour and accept the fact we no longer live in a ‘set and forget’ technological world. You must take steps to ensure that any remotely deployed device can be protected and managed over its entire lifespan.

Exercising caution at the expense of ease of deployment is the new world order for app developers. We can’t rely on end-users to update their passwords, so the onus is on us to prompt regular password updates and to support updateable firmware by way of authenticated, signed software updates. This is a step towards resiliency.

IoT infrastructure providers must also take steps to protect critical assets, such as cryptographic signing keys (secret keys), tokens and administrative accounts from compromise. Beyond that, protections for IoT devices should be provided with the expectation that such devices will be subject to many of the same kinds of attack as traditional IT systems, including brute force password guessing and denial of service attacks.

Staff and empower your team to mitigate ongoing threats with a steady stream of firmware updates - It is a good idea to consider employing security leads and evangelists, who will be vital in ensuring that security requirements are properly spec’d and included at all stages of development. It’s wise to make sure more than one member of the team has a solid grounding in these skills, so that you’re not left high and dry if one leaves or goes on holiday. On the process side of things, it’s vitally important to identify security deliverables within your project to make sure they are staffed and completed without problems. Finally, IoT product design should take into account both common and edge cases for attacks and misuse. After all, inadvertent misuse and hostile attacks are a fact of life.

On one level, it would seem that building an IoT product looks pretty simple. Developers can choose to take advantage of open source software libraries, cloud based management and ready-made hardware. But building a product and building it well (and securely) are two different things. The security and privacy issues raised by connected products are often subtle, complex and overlooked. Companies that run before they can walk into the Internet of Things without considering these risks could end up putting their reputation on the line.

The good news is companies that are pursuing an IoT product strategy don’t have to start from scratch. IoT platforms-as-a-service can address many of the security and data integrity issues that are prevalent in poorly-designed IoT products.

By providing tools that allow the streamlining of secure communications based on internationally recognised encryption protocols and which extend fine-grained user provisioning to IoT products, ready-made IoT platforms can help you achieve a competitive time-to-market for your connected product, without sacrificing security or privacy.