The “S” in IoT stands for “Security”!?

Yes, you heard it right! The “S” in IoT stands for “Security”!

With increasing number of applications, hardware prototypes, Operating Systems, Software platforms and Cloud solutions, IoT is appearing in almost every domain we can imagine of! However, how many of these solutions are actually safeguarding our connected devices and networks from the attacks of hackers? The answer is rhetorical to the topic of this article.

IoT being the open field of innovation from Big Bang companies to small enthusiastic, it is essential to understand if the IoT product that we are using is made “full-proof” from attacks. The problem is that IoT is used in almost every domain, from home automation to smart agriculturing, from toys to self driving cars, from small houses to big industries and the idea of Internet of Things (IoT) is still at the very early stages that there are not fixed standards to keep it safeguard. The “Internet” and “Things” in IoT are not that recent though! The internet has grown substantially over the last few decades that the security and safety standards are renewing every year. The internet has seen from its early obscurity ideas to strongest encryptions. The “Things” in this context are also not too age olds. We have seen quite a huge amount of solutions with embedded systems that our legacy machines are now have become compact and smart. The Internet of Things now connect these two most renowned innovations to create cognitive intelligent system to ease out human lives. Today we have thousands of IoT platforms, hundred odd cloud solutions and millions of people working for IoT. However, the most important question of “Security”, is it prevalent in IoT?

Before we begin to cash out our IoT solution, it is important that we answer this question. The security is not as that difficult as it seems to be! There are some basic rules that are already prevalent in todays world. Before there comes the proper standards that could take place to secure it, we can still follow these basic rules to safeguard our IoT products.

Default Credentials

Today, there are several IoT prototype boards and Operating Systems available that use default credentials for the bare installation. The most important thing is to get away with these default credentials and change them to more secure credentials, that only your system will know. Do not ever keep those default credentials on your project when you take out your product to your client.

Authentication & Authorization

The authentication and authorisation works like passport for your system. With the right kind of authentication, you can make the life of hackers miserable and the those for your customers easy. Keeping dynamicity of the authorisation is very important, knowing that many customers would like to see them as similar to their banking systems – Secured and full proof! Keep limited amount of time for the validity of your authorization and keep it renewable with user. The authentication can be kept more obscure using cryptography which are difficult to reverse-break.

Ciphering/Encryption

Hackers can hack to any network easily so it is important that you keep your communication secured and obscured. Ciphering/Encryption using TLS/SSL is good, it provides encryption of data along with authorisation with secured certificates. All the communications that are established by your end devices or gateways to the cloud or with each other must be secured and obscured. For example, if you are using M2M communication where your end devices talk to each other or to the gateway, keep that communication encrypted, irrespective of whatever protocol is used.

Secured Cloud

All the IoT products connects and exchange data in one way or the other with the cloud. It is essential that whatever means of actions we take to secure the IoT network, we take them on the cloud as well. If you are using databases, keep them hidden and communicate with them only using the secured APIs. Not only the authentication (such as OAuth, API keys) but also apply encryption (HTTPS instead of HTTP, SSL instead of TCP etc). Along with common authentication, add extra layer of authorisation that can distinguish one user with the other so that even in case if one specific user device is compromised, it doesn’t affect the entire system. One user’s vulnerability shouldn’t affect the other users or the entire system. It will be good to create micro-services on your cloud that can maintain these unique authorisations and also keep track of any attacks which can be reported to the system admin.

Device Security

Your end devices and in case if your IoT solutions uses IoT gateways or routers, must also be made tamper proof from attacks and malware. One basic rule is that you maintain different code base for your development and for the production. Blow off the fuses or lock the ports when you create production version of your software. This way you keep them secured by hackers. Also do not bundle the source code or unencrypted files on your device memory. Use binaries, if possible wrap them up with secured wrappers and if any local databases or files are used, then keep them encrypted.

The security of your IoT product is in your hand. The more we care, the more it becomes safe for the use! It is inevitable that in coming years we will have “Internet of Secured Things” and not just IoT that we are known of!

Written by

Santosh Ambekar

IT and IoT Professional

Disclaimer : The opinions expressed in this article are those of the author, and do not reflect in any way those of the organizations or institutions of which he is a member.

The future of Smart Agriculturing

With Global population rapidly increasing to reach 10 billion by 2050, the human race will face challenges in terms of water resource, food production and agricultural land. It is evident that traditional agriculture will not be sufficient to support the increasing demand for nutritional food. Will IoT solve this problem? Will it help the human race to survive amongst diverse situations?

In last few decades, humanity has seen that rapid growth in industrialisation with the help of technology advancements in every field. However even with this rapid transformation, the most difficult questions such as pure drinking water, nutritional food, climate change, and pollution are still unanswered. In fact, they are becoming even worse. Undoubtedly, agriculture is one of the oldest industry we know of. Except few, there have been very less advancements done in the field of agriculturing. Every year due to drought, flood or other calamities, the agriculture yield is just going down. With the rise of Internet of Things at every odd field, do we see if there’s scope to improve this situation?

The research firms have found that in the next 5 years agriculture sector will embrace the Internet of Things to improve the quality and yield of it’s output. Some of the biggest agriculture companies are coming together to invest more in IoT so even in diverse situations such as changing climate and lesser resources, the demand of nutritional food can be fulfilled. Some of the biggest agriculture industries have already adapted ways where IoT can improve their productivity.

With the global population going as high as 10 billion by 2050, problems with water resources, food production, agricultural land and quality food will only become worse. There are many ways in which IoT will help improve this situation.

Optimisation of Water Resources

Water resources are very limited, so proper use of water without wastage is very indispensable. IoT devices such as Hygrometer or Moisture sensor together with water pumps can deliver only required amount of water for crops. These devices can be fine tuned or “adjusted” so they can provide different amount of water to different type of soils and for different climatic situations.

Quick adaptability to Climate

The rapid changes in climate can result in poor quality of crops. This can be easily overcome by deploying climatic sensors such as Temperature & humidity sensors, Gas sensors etc. that can on real time monitor these climatic parameters which then can be used to take immediate remedies.

Pesticide and Insecticide control

Pests and insects causes huge agricultural loss every year. Not only they reduce the yield but also cause poor quality of crops. This can be tackled as well with the help of #IoT. On the other side, excessive amount of pesticide can cause food nutritions to go down and is not good for health. This can be very be taken care of by allowing IoT to control the sprinkling of these pesticides.

Real time monitoring

All this and much more can be monitored about the crops in real time with the help of IoT devices. Real time monitoring will help farmers and big agricultural companies to take immediate actions for varying situations.

Smart farming has really become the need of an hour and many firms have already realised that! If you are still not in those ones, then it’s time that we embrace IoT to improve our agriculturing!

Really, AI is threat to your job?

Artificial Intelligence (AI) is increasingly becoming relevant in many areas. and when we talk about AI, the first question that haunts our mind is, if it is going to cut jobs in future! At first it might seem that it will adversely affect the jobs and people, however a much deep insight into it will make you realise that it isn’t true always!

The first thing that pops our mind when we hear about AI is if it’s gonna affect our livelihood in future? Recently, I received a message on a social media it sprung my mind too! AI is becoming increasingly relevant in many areas. In banking, medical science, space research, business intelligence, AI is spreading it’s wings faster than ever. People are worried what it gonna look in future when it comes to their livelihood on present jobs. When computers were first introduced in the world, they first took prey of lot of manual jobs. Now the same computer is becoming smarter and intelligent with the chunk of softwares turning the whole game into an AI arcade. In 2013, researchers at Oxford University did a survey on the future of work. They draw the conclusion that almost one in every two jobs have a high risk of being automated by machines. The whole lot of this disruption is happening due to what is called as Machine Learning. It is the most powerful branch of Artificial Intelligence. In principle what it does is pretty interesting! It allows machines to learn from data and mimic some of these things that human can do repeatedly over the period of time.

Machine learning is not a new thing! It started making it’s way in early 90’s with relatively simple tasks, such as assessing risks with loans and insurance, sorting messages and mails. However, the real breakthrough in the field of Machine Learning has started in last few years! It has evolved so much, that it is able to perform far more complex tasks. Today Machine Learning is used in almost everything that we use. Facebook sorting out the relevant connections and messages for us, Amazon displaying the latest and recommended items on their retail website, Google displaying exactly the ad of the product that I was interested in just few hours ago, are quite some of the examples of it. Some German based e-commerce retailer has taken AI to next level where it can predict the trends and recently in my read where an AI algorithm is able to predict the sexual orientation of a person based on their photos, and what not, it accurately tells it. In medical science, after feeding medical reports and diagnosis of patients to an AI system, it is now able to match the diagnosis given by human ophthalmologists. Not a myth, that AI is going to make it’s way to all the industries in future and is going to help a humanity a lot, however the biggest question is whether it’s gonna do that at the cost of their jobs!

It’s not wrong to say that, given the right data, machines are going to outperform the humans. This is quite obvious because machines executes the job as per the algorithm fed to them and there is hardly any chance that they will do mistakes, in fact there is none, provided the data that their algorithm is based on is right. On the other hand, humans have limitations with their senses such as vision, hearing or even processing a manual task. Machines are quite fast enough to perform those and can break the barriers if replaced by even faster processing powers. For example, a doctor can diagnose may be 50000 illnesses over their career, the machine can do the same in just few minutes. By no way, human have chance of competing against the machines, when it comes to large, repetitive jobs.

However, there are things that machines can’t do! The machines can not tackle the novel situations. They can’t handle things that they haven’t seen many times before. That’s because the fundamentals of machine learnings are that they require to have a huge volume of historical data in order to be accurate. But humans do not need one. Humans can connect vividly different threads that do not seems to relate to each other at all and can solve the problems that have never appeared before. That’s the innovation part where machines lacks a lot and no AI system so far is able to make any progress. We all know how the innovation of an electric bulb could happen which no machine would be able to do it. Machines can not diagnose the disease if they haven’t seen that specific virus before, nor can they tackle the business situations which have never happened before in the history of mankind.

Machines can barely be creative as they lack human intelligence of connecting significantly different threads. This is inherently present in every one of us. That’s why machines can not outperform humans when it comes to tackling novel situations. That’s why it is evident that the jobs which involves repetitive tasks without any intelligence are at high risks of taken away by AI. AI can outperform human in these gigantically large volume tasks, such as purchasing raw material, Manufacturing a product based on demands, Creating business reports and analysis, diagnosing standard diseases. Therefore it is quite obvious that AI is not going to disrupt the human jobs as they seem. They can make the job of people easier and can shift the whole paradigm of jobs to another level. However, it is quite a risk for people who do not want to evolve and rather would like to stick to manual jobs. It is time for us to roll up our sleeves and upgrade ourselves to handle the more novel situations.

Written by

Santosh Ambekar

IT and IoT Professional

Disclaimer : The opinions expressed in this article are those of the author, and do not reflect in any way those of the organizations or institutions of which he is a member.

What you need for making an IoT cloud of yours?

While there are bunch of readily available cloud solutions available, does it make sense to make your own? I will be giving my own views on this in this very fresh blog post. The opinions might differ person to person but will try to get the very facts straight!

When I started as an hobbyist on IoT development few years back it was dark and cloudy or should I say “non-cloudy”? There were limited resources for hardware and almost no good cloud solution! Things started changing very rapidly as IoT started becoming the buzzword and companies and businesses realized that it is right time to invest in IoT! Since then from big establishments to small start-ups have come up with easy to use, plugin type solutions for internet of things! Few IoT hardware prototype companies are also providing readily available cloud solution, which is easy to setup and code. And then there are big folks like Amazon, Microsoft, Google who are there with their cloud solutions as well. The question still remains that you gotta use these cloud solutions or is it worth enough to develop your own cloud platform?

what is good?

Well, it’s not difficult to answer to this very question! If you are an hobbyist and just want to get your hands on with IoT, it does make sense to use freely available off the shelf cloud solutions. There are many currently such as Thingspeak, Particle Cloud, etc. Just key in the Google search and you would get host of options. These are great solutions to start it. However, many of these cloud platforms provide free usage upto certain number of calls so if you are thinking of deploying it for anything big, you would exhaust out of this free quota very soon. If you are thinking of working it out for your customers then it is recommended that you use off the shelf solutions such as Amazon Web Service (AWS) or Microsoft Azure IoT cloud etc. However they are very very costly! so unless your client covers up the IT cost, you better say Nay for it!

However there’s a balancing solution out there! Instead of using SaaS (Software as a Service) model, use IaaS (Infrastructure as a Service) model and create your own cloud platform for yourself. First look at it will seem it like a gigantic task, however once you are done with the first one, you can package it and deploy for your many clients easily.

How to get started?

So basically what you need is to decide the cloud solution provider such as AWS or Azure. I’d recommend AWS with Linux OS. We have pretty much all the software open source and free for Linux OS. Once you narrow down on your selection, it’s the step to start thinking on what software you need to establish your functional cloud platforms. So if you are thinking of using MQTT then you might need Mosquitto or HiveMQ. You certainly need database to store the data so you have MySQL there or you can even chose from DynamoDB or MongoDB. You might need to create Web services which can be fueled with PHP or Java. You can find all of these and setup as per use. But first what you need is to decide on the architecture. Plan those basic steps already so you don’t end up in reforming them again.

Security

It’s essential that you secure each of the entities in your cloud with the best possible solutions out there! For security you need 2 important things – First Authentication and secondly Encryption! Authentication is required so only relevant users or clients can access the systems on your cloud using right ports or channels. However encryption is required so that all the data streams to and from your cloud are so well encrypted that it is impossible for hacker to decrypt it and get access to. Using TLS/SSL is the best and economical way of ensuring the proper encryption. The SSL certificates used also ensures that the connection from your client to your cloud is trusted and is not routed to some malicious site.

Why do we need own cloud

You don’t need it unless you don’t care on what happens or who may look at your data. With increasing number of IoT applications and even more increasing skills of the hacker community out there, it is becoming essential that you care for it. Otherwise your systems are prone to hacking and your and your clients data is compromised, which I don’t think will be liked by many of us!

Written by

Santosh Ambekar

IT and IoT Professional

Disclaimer : The opinions expressed in this article are those of the author, and do not reflect in any way those of the organizations or institutions of which he is a member.

How do we develop dictatorial leadership unconsciously!

Organizations or companies are made up of people, so the business style or the values of the company are largely the reflection of their top executives leadership styles. The success or failure of an organization depends on which style they adopt to at their core and at what time! Principally, we know there are four types of leadership styles – Participative, Consultative, Authorirative and Dictatorial. Well, we can not say any of this style is better than the other, because leadership is all about using the right style at right time which often calls for a “Situational Leadership” where a leader quickly takes over one style over the other when situation demands for it. However, the constant shift of leadership style is not as easy as we think. Although situation might demand one style, it can be largely influenced by other factors such as time, personal issues and pressure from top management. Knowingly or unknowingly these and the other factors slowly shifts us to adapt to one of the specific leadership style. What can possibly go wrong is to end up with a “Dictatorial” one!

Subconsciously great leaders develop “Dictatorial Leadership” with their behavior and most of the time they are not even aware of their effects happening around them. The fact is that “Dictatorial leadership” develops a big wall that the leaders fails to get the message from people on what possibly going wrong at the execution level of the organization. This leads to organization’s catastrophic failures in holding back the innovation and renewal. But how this all happens after all? How even the great leaders gets into the pitfall of repulsion created by dictatorial behavior? Here’s some insight into the inception of this dreadful behavior…

Unrealistic Challenges

Challenges keeps company’s heart alive. It fuels up the innovation and keeps it ahead of the competition. However, unrealistic challenges brings dreadful experience. We are aware of the situation and it’s complexity but we keep pushing people to achieve it and of course in the way we think of. Many times leaders presume it’s a fairly simple task without having the subject matter expertise and give undue pressure to their people. Because I have done something similar like this 30 years back makes me think it as an easy job! The fact is not only we are losing trust of the people but also repel them away giving alternatives or suggestions to overcome the challenge. The challenge always remains a challenge and never gets solved. Slowly we shut down the only way to get the solution and lead ourselves towards dictatorship!

Trust and fairness

Trust is the basic foundation of any relationship and it holds true even to the leaders and their followers. Building a trust takes time, so does maintaining it, but once the trust is established the leader is required to apply the fair rules to acknowledge it for the people. But this doesn’t happen all the time. Either leaders tend not to believe the people to stay with the benefit of the doubt or give excessive trust on few ones that they lose the grounds on fairness rules. This has an epidemic effect of good people losing the trust in return. People who are ignored becomes introvert and develops fear in mind. Again, unconsciously it puts down the leader to “dictatorial” mode.

Tactical Management

Lot of managers tend to do tactical management. They think that it is diplomatically perfect if a fear of “things” is induced on a fellow being. The strategy here that these leaders think that it will play a spell of “do-whatever-i-say”! Leaders create a circle of fear around their colleagues, about a job, their position, about the situation in the industry in order to retain them for a longer time in an organization. They often dictate the grim situation outside of the organization to develop a constant fear of the job only to realize later that these people turn out to fear of everything – even their jobs and assignments. They perform averagely and turns into “invisible employees”.

Internal politics

It’s the vicious venom in the organization. Internal politics kills the good in people and germinate the bad culture. People without talent but to grow on parasitic cultivation takes advantage of it and foster the culture of dominance leading to dictatorial culture. Many organizations have understood it and have been abolishing the internal politics to play fair with everyone.

As started this article, people make the organization and not the other way around, it is essential that we fight against any of such instincts that we come across. It is essential for the executive management to involve less with individual work but to analyze for any potential defects in the system that can lead to dictatorialship. Finally, if we trust people, make less of a micro-management and provide equal opportunities to all will make the overall management to be participative and propitious for their business!

Written by

Santosh Ambekar

IT and IoT Professional

Disclaimer : The opinions expressed in this article are those of the author, and do not reflect in any way those of the organizations or institutions of which he is a member.