Chapter 4: Everything Needs to be

Secured
IOT CƠ BẢN
502068
 Ghi chú về bản quyền
• Toàn bộ nội dung bài giảng là của CISCO,
sinh viên có quyền tải về, lưu trữ, in ấn,
tham khảo cho mục đích học tập. Sinh viên
không được phát hành lại hay thay đổi nội
dung slide nếu chưa có sự đồng ý của chủ
sở hữu.
• Phần ghi chú ở cuối slide (nếu có) là do các
thầy cô ghi chú lại trong quá trình giảng dạy.

11/27/2024 502068 – IOT Cơ bản 2

Chapter 5: Everything
Needs to be Secured
Instructor Materials

Introduction to the Internet of Things v2.0

Chapter 5: Everything
Needs to be Secured
Introduction to the Internet of Things
v2.0 Planning Guide

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Chapter 5: Everything
Needs to be Secured

Introduction to the Internet of Things v2.0

Chapter 5 - Sections & Objectives

 5.1 Security in the Digitized World

• Explain why security is important in the digitized world.

• Explain the need for security in the digitized world.
• Explain how to help secure the corporate world.
• Explain how to secure personal data and devices.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
5.1 Security in the Digitized
World

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Why is Security so Important?
Types of Data

 The quantity, volume, variety, and immediacy of generated data has changed.

 Personally identifiable information (PII) or sensitive personal information (SPI) is data relating to a
living individual that can be used on its own or with other information to identify, contact, or locate a
specific individual.
 Informational data can also contain sensitive information concerning corporate secrets, new product
patents, or national security.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Why is Security so Important?
Lab – Types of Data

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Why is Security so Important?
Who Wants our Data?
 The Good Guys

• Legitimate companies that have an agreement in place

to use the collected data about you.
• We agree to this in “Terms and Conditions” or “Terms
of Service and Agreements”
• White hat hackers who test security to help protect
data.
 The Bad Guys

• Black hat hackers, want access to collected data for

many nefarious reasons:
• To access user IDs and passwords to steal identities
• To access data to commit a crime.
• To sell the information to a third party.
• To modify the data or disable functionality on a device.
• To disrupt or to damage the image of a legitimate
company.
• To create political unrest or to make a political
statement.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Why is Security so Important?
Data in the Wrong Hands

 Login credentials and other personal data

for more than one Million Yahoo and Gmail
accounts are reportedly being offered for
sale on the dark web.
 Cybercriminals penetrated Equifax (EFX),
one of the largest credit bureaus, in July
2017 and stole the personal data of 145
million people
 A breach of MyFitnessPal affected 150
million users.
 Ransomware attackers stole 57 million
drivers and rider accounts from Uber.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Why is Security so Important?
Lab – Internet Fingerprint

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Why is Security so Important?
Security Best Practices

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Protecting the Corporate World
Physical Security

 Outside perimeter security - on-

premise security officers, fences, gates,
continuous video surveillance, and
security breach alarms.
 Inside perimeter security - continuous
video surveillance, electronic motion
detectors, security traps, and biometric
access and exit sensors.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Protecting the Corporate World
Challenges of Securing IoT Devices

 Increasing Number of Devices -

The number of interconnected
sensors and smart devices is
growing exponentially, increasing the
opportunity for attacks.
 Non-Traditional Location of
Devices - Some connected IoT
devices are able to interact with the
physical world.
 Lack of Upgradeability - IoT
sensor-enabled devices may be
located in remote and/or inaccessible
locations where human intervention
or configuration is almost impossible.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Protecting the Corporate World
Safe Wi-Fi Usage

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Protecting the Corporate World
Protecting Devices
 Keep the Firewall On

 Manage Your Operating System and Browser

 Protect All Your Devices

 Use Antivirus and Antispyware

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Protecting the Corporate World
Packet Tracer – Secure a Wireless Router

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Securing Personal Data and Devices
Smart Homes
 Smart sensors in our homes increase the
potential for security issues.
 The sensors could provide a way for
hackers to get into our home network and
gain access to any PCs and data that are
connected to it.
 Before purchasing home security systems,
it is very important to research the
developer and the security and encryption
protocols that are in place for its products.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Securing Personal Data and Devices
Public Hotspots
 Safety rules to follow when using a public or
unsecure Wi-Fi hotspot:
• Do not access or send any sensitive personal
information
• Verify that your computer is configured with
file and media sharing, and that it requires
user authentication with encryption.
• Use encrypted virtual private network (VPN)
tunnels and services.
 Bluetooth can be exploited by hackers to
eavesdrop on some devices, establish
remote access controls, distribute malware,
and drain batteries.
• Turn off when not in use.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Securing Personal Data and Devices
Setting up a VPN on Smartphones

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Securing Personal Data and Devices
Lab - Discover Your Own Risky Online Behavior

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
5.2 Chapter Summary

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Chapter Summary
Summary

 The quantity, volume, variety, and immediacy of generated data has changed.

 Personally identifiable information (PII) or sensitive personal information (SPI) is data relating to a
living individual that can be used on its own or with other information to identify, contact, or locate a
specific individual.
 Informational data can also contain sensitive information concerning corporate secrets, new
product patents, or national security.
 White hat hackers test security to help protect data.

 Black hat hackers, want access to collected data for many nefarious reasons.

 Outside perimeter security - on-premise security officers, fences, gates, continuous video surveillance,
and security breach alarms.
 Inside perimeter security - continuous video surveillance, electronic motion detectors, security traps, and
biometric access and exit sensors.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Chapter Summary
Summary (Cont.)

 Challenges of securing devices on the IoT:

• Increasing Number of Devices - The number of interconnected sensors and smart devices is growing
exponentially, increasing the opportunity for attacks.
• Non-Traditional Location of Devices - Some connected IoT devices are able to interact with the physical world.
• Lack of Upgradeability - IoT sensor-enabled devices may be located in remote and/or inaccessible locations
where human intervention or configuration is almost impossible.
 Know the steps to protect your company’s wireless network.

 Steps for protecting your own devices:

• Keep the Firewall On

• Manage Your Operating System and Browser
• Protect All Your Devices
• Use Antivirus and Antispyware

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Chapter Summary
Summary (Cont.)

 Smart sensors in our homes increase the potential for security issues.

 Safety rules to follow when using a public or unsecure Wi-Fi hotspot:

• Do not access or send any sensitive personal information
• Verify that your computer is configured with file and media sharing, and that it requires user
authentication with encryption.
• Use encrypted virtual private network (VPN) tunnels and services.

• Set up a VPN on your smart phone.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32