means for gaining physical access to a building or home. "It's not for the value of the
device itself or the data that's on the device," says Barker in explaining the risk. "It's the
potential access the device gives you to its environment."
Barker points out fundamental security practices that include establishing a chain of
trust that remains unbroken throughout its life cycle, from the moment that device is
first instantiated and authenticated. Another security principle is that of least privilege.
"You grant a thing as much—and only as much—access as it requires," says Barker.
"Extrapolating that into building a device, you give the device only those capabilities it
requires to do its job." For example, you don't want to build a device with unnecessary
ports or communications capabilities.
However, therein lies another difficult design decision. "There's a balancing act between
future-proofing the device versus securing it," Barker says. On one hand, for greater
product longevity, you may want to future-proof it by building in sensor and processing
capabilities that you intend to use in the future through software upgrades. On the other
hand, to have a secure design, you don't want to give it more power, more memory, or
more storage capacity than it needs to get its job done. "It becomes an issue of balance,"
Barker says, "and there's no easy answer."