The world is going crazy with endpoints and devices.
Everything is connected to the internet. Google recently partnered with Lighting Science Group as part of their Google@Home effort. At a recent industry event they demonstrated light bulb endpoints which are connected to the Internet via a new wireless solution controlled by your Android device. There are Blu-ray players which are connected to Netflix and Hulu. Home stereos can now integrate across the web to Rhapsody and Pandora. Even your car is connected to the internet for music and soon there will be other internet enabled functions in your vehicle.
While the ability to connect and manage various devices and endpoints via the internet and other integrated technologies, there are two things I’d like to convey related to these technologies.
1. Don’t forget security as you connect everything.
2. At Minds4IT when we say device, it means a phone, tablet, laptop, or other computer which is used interactively and when we say endpoint it is anything which you can connect to through any network.
I anticipate referencing these terms often in future articles so here are the definitions of each more succinctly:
Device is any electronic component or computer which allows input, including stereos, Blu-ray players, phones, tablets, laptops, desktops, car, etc.
Endpoint is any electronic component connected to a network which can be controlled using a device but has no direct input mechanism, including light bulbs, door lock systems, etc.
It’s important to delineate the two, as endpoints generally have minimal security built in. Endpoints rely on being connected to a secure network. If they are not secured through the network and network services then any device which can find a path to them may be able to control them. (a firewall controls the paths). Endpoints do not have the resources for a firewall and therefore need network layer protections. Whereas a device may be capable of running its own security control; such as firewall (some can, some can’t). All devices do not have the ability to control the security; but, security controls typically can be enabled within the device; therefore, provide those controls to the entire environment including the endpoints.
Endpoints sometimes evolve into devices. Printers were originally endpoints. As evolution occurred and printers became network aware, input panels, hard drives and local operating systems were added. As a result this turned the printer into a device.
An example of poor network security permitting device compromise is Firesheep. When connections to Facebook and Google were not protected by network controls any device could be used to impersonate the user. The moral is even your light bulb needs security. To ensure security of your light bulbs you ensure they only connect to your secure network. Granted, there’s probably no market for controlling your light bulbs; therefore, you are safe. But if your best friend wanted to play a cold hearted trick on you it could be a source of opportunity.