The Internet of Things is well under way, and it’s all around you. Just take a look around your office and take note of any connected gadgetry that you see. All kinds of connected devices are entering the market, many of which you might never consider connecting to the Internet. However, it’s your responsibility to take these devices into consideration, especially if you want to keep your business--and its users--safe.
Security experts have expected the Internet of Things for quite some time, and much has been said about how it will affect cyber security. Gartner predicts that an average of 5.5 million “things” are added to the IoT every single day, which includes devices that might not normally connect to the Internet. Think consumer goods that wouldn’t normally have any network connectivity or functionality. It’s been predicted that by the end of this year, there will be approximately 6.4 billion IoT devices on the market. You don’t need us to tell you that it’s virtually impossible to secure billions of devices.
The main concern of these professionals is that these numbers are growing at an alarming rate. If the IoT’s growth is any indication, this growth isn’t going to slow down. In 2014, there were only 3.8 billion devices. In 2015, that number rose to 5 billion. It’s not a stretch to suggest that the number of “things” in the Internet of Things will far surpass 20 billion by the time 2020 comes and goes. Much to the dismay of IoT advocates, researchers believe that the first IoT data breach can happen as early as within the next two years.
At first glance, these Internet of Things devices seem to be of little consequence. However, on a cyber security level, these devices might be surprisingly dangerous. Appliances like blenders and toasters that have smart capabilities might not seem valuable to hackers, but their value lies not in their connected functionality, but how they communicate with other networks and devices. If a hacker can sneak past the security features of a smart device, they can take over the network it’s connected to--and all of the devices connected to it.
To understand the danger of this situation, you have to think far beyond the scope of just your business. There are computerized cars and physical infrastructure components, like dams and power plants, that are reliant on network connectivity. Suddenly there’s a huge potential for sabotage on a massive level. What if a hacker disabled a car’s brakes, or they override critical systems of a dam and flood the surrounding area? As long as the amount of damage possible increases, hackers will continue to grow more interested in a hacking target.
Why Aren’t Vendors Doing Anything About It?
One of the biggest reasons why vendors are creating devices with significant security vulnerabilities is because there aren’t any regulations put into place to demand a higher standard. Their reluctance to improve their product makes sense in a way; after all, why bother improving something that doesn’t need to be improved upon? More than this is the organization's’ reluctance to make devices that can’t turn a profit. This leads to popular devices from all types of markets, including business, consumer electronics, and home improvement, having major vulnerabilities.
Then you need to consider the complications involved when applying patches and updates to these devices. There are only two real ways to resolve a patching problem on IoT devices: either download the patch or replace the device entirely. The problem is that all of these devices are different, making patches somewhat difficult to issue, and the cost of these devices makes them hard to replace in general. Purchasing new devices just to retain security isn’t reasonable in the long run, as it provides consumers and businesses with unnecessary economic hardships.
What You Can Do
Since the Internet of Things is so all-encompassing, managing these devices might seem intimidating. However, enterprise-level security solutions can afford you some leeway in protecting your organization’s infrastructure. These solutions can keep unapproved devices from connecting to your infrastructure, and you can control how these devices share and connect to information within your business. In fact, it should be argued that this type of IoT management is necessary in the face of such threats.
Computerware wants to help your organization ensure the security of your network. Through comprehensive security measures like enterprise-level firewalls, antivirus, spam blocking, and content filtering, you can keep your in-house network locked down. Furthermore, we can help you set up a Bring Your Own Device (BYOD) policy that keeps unapproved devices off of your network. For more information, reach out to us at (703) 821-8200.