Securing the Internet of Things

By: Absolute Editorial Team | 5/12/2014

The Internet of Things (IoT) is more than just a buzzword now, it’s a paradigm shift in how people interact with a wide variety of devices; this shift has an immediate impact on the enterprise. Managing and securing the endpoint continues to be the key solution to managing IoT, as it was with BYOD.

IoT is about creating connectivity for a wider range of devices; what we see now with watches and glasses could conceivably extend to any object. With any object offering the capability to send, receive and store data, enterprise data security will need to extend a lot farther than it does now.

“The number of devices coming online is staggering: 50 billion by the year 2020,” says Victor Woo, Canadian general manager, Internet of Things for Cisco, in Toronto. “The need for mobile device management platforms will be at a level we’ve never even dreamt of before.”

While IoT promises to create new efficiencies and productivity in the long-run, these new endpoints come new risks. With so many devices accessing corporate networks and sensitive business data, these endpoints become a new target for thieves who want access to the data on the device or its access to the corporate network. Each device becomes a risk point for enterprise data and those risk points are growing.

As with current data security efforts on 'traditional' BYOD endpoints (laptops, smartphones, tablets), IoT will require that organizations have a means to track and monitor all these new devices to secure enterprise data and network access. Policies must be in place that prioritize data security for employees. And in the event that a security incident does occur, data needs to be safeguarded and steps must be taken to prevent recurrences of the incident. It is very possible that enterprises, like healthcare organizations, will one day need to prove that data is protected in a breach situation, so having a persistent connection to each device to prove compliance will be essential.

A comprehensive piece on ComputerWorld addresses some ways that enterprises can begin to get ready for IoT, by:

  • Ramping up IT/OT collaboration, rethinking network architecture to manage the data, the networks and have many layers of security
  • Learning to cope with consumerization, adapting services and policies to deal with incoming data as well as outgoing data - access and rights must be enforced
  • Getting involved in R&D
  • Staying ahead of the curve

Do you feel intimidated by the IoT? Has it already impacted your enterprise?

Financial Services