Just as the advent of social media changed how our culture views privacy, the “internet of things” (IoT) is likely to change how organizations think about the security of their enterprise software and business information.
In the IoT, many functions are moving from the IT environment into purpose-built platforms for specific businesses uses, often employing sensors, embedded technology and machine-to-machine (M2M) communications, according to an InformationWeek article.
These objects have the ability to gather and generate information, as well as to change their environments. And that’s likely to signal a dramatic change in the security requirements and responsibilities for IT.
Think about all of your company’s networks and customer-facing portals, as well as all the consumer apps and mobile devices that your employees bring in. The more objects and devices you have connecting to the IoT, the more vulnerability you introduce into your home network. In other words, the stakes go up dramatically.
Currently, user adoption for personal IoT devices is largely confined to the tech-savvy. The technology isn’t quite there for mass-market consumers, but apps like Nest and Cosy are starting to gain popularity as Big Data companies try to generate more information from homes.
You could have thousands of employees, each using your enterprise software and networks in a secure fashion. Then one person brings in a device, and that object connects to all the other machines and gains access to your corporate network. That opens the door wide for phishing and any number of harmful activities.
Certainly, the IoT is going to play a major role in shaping enterprise software and security requirements. Today, most people in enterprise IT seem content to just ignore the implications of IoT until it becomes more important — i.e., when companies start getting hacked.
It’s important for chief information security officers (CISOs) to think in terms of facilitating the IoT, rather than trying to prevent it. This wave of technology is coming regardless, so the emphasis should be on how to allow and facilitate secure use.
Is your IT department looking to develop new security measures to cope with IoT technology? Contact us today to talk with our team.
Source: InformationWeek, May 2014