Feature Article
Safeguarding the IoT: Putting Security Front and Center
Alex Brisbourne, CEO
KORE
Over the past decade, businesses have taken a risk-based approach to security, balancing the need to keep critical data secure
against the risk that a breach of some sort will occur. In many cases, that's still the case. Despite some high-profile breaches against
major retailers, healthcare companies and financial institutions, many organizations including those running sensitive industrial applications still aren't protecting their data as well as they could and should. One thing is changing all that: the Internet of Things (IoT).
The IoT comprises all of the smart systems and devices that are being connected to the Internet. These include consumer devices, such as
home automation devices (thermostats, refrigerators, etc.) and connected
vehicles, but also include the growing number of sensors and applications developed for more industrial and B2B uses. These include things
like remote monitoring applications for ranching, irrigation systems for
agriculture, utility metering and other applications for industries such as
construction, mining and oil and gas. Even remote ATMs and machines
that collect credit card data, such as automated car washes, fall into this
category. In these industries, IoT devices are often located in remote areas where they are not monitored by a human and rely on Internet access
to gather the information they are intended to collect.
While IoT devices and applications for these industries traditionally
fall into the machine-to-machine communications (M2M) category,
they're getting increasingly smarter. These devices and sensors are no
longer just creating alerts when things go wrong; they're delivering
valuable business intelligence to the companies that use them. As such,
these systems will increasingly generate a staggering volume of data that businesses will be able to analyze and leverage to improve
productivity, protect expensive assets and otherwise cut costs and grow their bottom line.
So why is now the tipping point for figuring out ways to better secure these systems? The answer is simple: the volume of connected devices is expected to grow five-fold over the next five years. Cisco Systems estimates that the number of connected systems
will grow to 50 billion by 2020, generating $19 trillion in new revenues for businesses worldwide during the next few years. Analysts from IDC expect the IoT technology and services market to reach $8.9 trillion in that same time period. While reality may not
reach those lofty numbers for some time, it's clear that we are in for a lot of growth.
It's easy to look at the IoT and be awestruck by the promise of increased efficiency and business productivity, especially when
systems such as those that control building automation replace manual checks at remote sites. However, there isn't the necessary
urgency surrounding the potential security issues that can arise when so many systems are connected via the Internet. More devices
and systems online means more devices and systems that need protecting, and IoT systems are not usually designed for cyber security. At the same time, most IT departments are very familiar with protecting laptops, servers and traditional IT infrastructure, and are
not equipped to manage a much broader set of interconnected devices and systems. This increased complexity within the enterprise
can't be overlooked.
Growth is coming, so what are we going to do about it? Any device that connects to the Internet with an operating system can
potentially be compromised, opening a backdoor for attackers into your business. Companies will not have the option to take a
wait-and-see approach while the industry hammers out a series of standards around IoT security. There are, however, things that
businesses can do today to ensure their remote assets are as secure as possible. Before you deploy that next "connected" application,
here are five things you need to keep in mind:
1) Make Sure Security is Front and Center - The building blocks of the IoT are billions of tiny sensors, which by their size
and nature are limited in terms of being able to support a robust security solution. But that doesn't mean they can be left unprotected; it just means you need to build with security as a priority from the start. By identifying potential threats and discovering
solutions early on in the development process, you'll develop a strong precedent that can be followed throughout the application and
device lifecycle.
2) Understand How Your Data and Devices are Protected - According to a report from HP Security Research, up to 90 percent
of M2M / IoT devices collect personal information. The problem is, most companies only have a basic understanding of how that
data is being protected. In many cases, they believe someone else is responsible for securing devices, data, applications and systems.
As discussed earlier, securing IoT systems and devices takes an adjusted mindset, and many IT departments don't truly understand
how IoT security differs from traditional network security.
6
www.RemoteMagazine.com
http://www.RemoteMagazine.com
Table of Contents for the Digital Edition of Remote - M2M 2015