TempAlert Blog

Using Role-Based User Credentials to Avoid IoT Security Risks

May 26, 2016

IoT - Role-based credentials - Security risks


Parents who install home monitoring or security systems to keep tabs on children, pets, their homes, and more learn quickly that a plan is needed. The first time an alert or alarm condition occurs and both parents receive the alert, someone will need to respond. If there has not been a discussion of who that will be, there are three possible outcomes:

  • No one responds
  • Both respond
  • One person responds

To avoid confusion or lack of action, a discussion will occur and the rules of response will be established; they are usually based on availability, proximity, or the type of alarm. Regardless of the alarm type, there needs to be a plan in place so the alarm is acknowledged or addressed in a timely and satisfactory manner.

The chance of an alert or alarm occurring increases with the number of things being monitored. Smart homes with networked thermostats, video monitors, window and door sensors, motion sensors, leak sensors, smart refrigerators and other smart appliances add significantly to the number of potential alerts. But what about a connected enterprise with multiple sites and hundreds or thousands of units being monitored?

When a business introduces sensors to its own facilities and processes, it’s no different; in fact, the potential risk is much greater. If a family has a fire in their home, alternate lodging can be secured despite the challenging loss. If a business has a fire, its ability to continue operations may be severely impacted. For food or pharmaceutical operations, loss of electrical power can shut down refrigerators and freezers, leading to a significant loss of valuable product.


Who responds to your alarms takes planning.

For laboratories, loss of power can affect environmental test chambers, refrigerators, freezers, and furnaces that contain long-term research materials or irreplaceable crime scene evidence. In such cases, monitoring facilities and equipment is important to continued operation, but response is critically important. For example, a pharmaceutical development lab monitors its refrigerators, freezers, and environmental chambers for temperature excursions. The lab stores and tests drug precursors to determine shelf life in tests that take six months to a year to complete. Quality Assurance professionals have determined there is a six-hour window to address an out-of-range condition before materials need to be moved or they will be lost. Starting over is painful for all.

Who responds to alerts on a given day or at a particular time takes planning. The same questions that homeowners ask about who is available and capable of addressing an event need to be considered for businesses as well. TempAlert’s role-based user matrix enables companies to assign rules and implement security, configuration, access, response, escalation and reporting plans quickly and easily:


TempAlert role-based security matrix

 

It's imperative to create clear roles and responsibilities to avoid lack of action and ensure facilities and products are secure at all times. Rule- and role-based strategies will require significant study, input from stakeholders, and approval by IT and business managers, but the end result will lead to a peace of mind that can’t be valued.
