The Internet of Things is permeating every facet of our lives. It brings with it new cybersecurity risks for developers to consider.
The entrenchment of the Internet of Things (IoT) into every facet of our existence has established itself as both a superb innovation and a security minefield. The sheer number of connected devices in any one system presents numerous points of entry for nefarious purposes.
With IoT, the world essentially becomes one integrated information system aimed at improving the quality of life and driving new business models. This means that an increasing amount of personal and corporate information exists in the cloud where it potentially interchanges with a multitude of devices. One weak link in the security chain could provide rogue elements with a vulnerability to exploit and enjoy unlimited access to data.
As IoT creeps into every aspect of our existence, many security issues arise and the network that may just connect the home could pose a threat to the general public if compromised. The pervasiveness of IoT comes with its own set of cyber securitychallenges. Here are five of them, along with what companies can do to mitigate these risks.
Mobile devices, once a fad only utilized by traveling salesmen, have become a professional necessity. As the applications and functionality of mobile devices expand, so does its usage. As such, companies now include such devices into its Information Technology strategy as a pivotal component integrating corporate cyber security and data safety policies.
The entire system, including mobile devices, need to be incorporated into security procedures. Hardening systems against these vulnerabilities involve leveraging security practices with secure communication, mobile device management protocols and system maintenance ensuring it is up to date with the latest updates, fixes, and patches.
By connecting a greater diversity of devices to networks, this brings with it the associated risks. To put this into perspective, there are more than three billion smartphones currently in use globally and eight billion IoT devices. The scale is substantial and it is only growing. The Gartner report predicts over 20 billion connected things by 2020, all of which represent a portal to the network which can be hacked or compromised.
To protect organizations against this proliferating risk is not easy, but can be done. Security of each node in the framework is necessary to impart security as a whole. Endpoint validation is vital to security, as is controlled network connections. For example, an employee connecting his Fitbit to the work computer can result in an unintended compromise of the network. A hacker can penetrate his personal home network and through the Fitbit, gain access to business information. Thus organizations need to have a control system in place for unauthorized devices connection. All connected devices need to adhere to security protocols in place to ensure full security integration across all nodes.
As opposed to just worrying about data leakage, the mounting IoT network opens up the grid to malicious cyber-attacks. A compromised network doesn’t only mean access to private banking details, but access to public infrastructures such as traffic lights, GPS tracking systems, water services and power plants could fall prey to hackers. This raises the stakes for adequate cyber security considerably, as a compromised system has much larger consequences than the organization losing profitability and efficiency.
Security of all interfaces, mobile, fixed and cloud, need to be maintained. This may include additional firewalls and network traffic monitoring, as well as access control.
Even if precautions are taken to secure data, the level of sophistication exhibited by cyber-attackers is remarkable. Attacks can be crafted not just from public networks but from private sources, such as cars, smartphones, and even smart homes.
There are various encryption models that companies can take advantage of to prevent unwanted dissemination of data. De-identifying data from all personally identifiable information effectively protects the privacy of those involved, prohibiting hackers from doing anything with the apparently meaningless information. Mandatory access control needs to be implemented to secure networks against malicious penetration.
The proliferation of IoT has enabled the collection of big data. Smart sensors are gathering information for use in machine learning algorithms to add value to businesses and promote informed decision making. The sheer volume of this data generated from IoT devices is immense. A Federal Trade Commission report stated that 10,000 households can generate 150 million data points daily which provides a significant number of entry points for hackers.
With the cyber security risks surrounding IoT development increasing, it is advisable for companies to employ professionals to secure networks and devices against unwanted infiltration. Cybersecurity personnel needs to shift with the innovative new ways hackers intent to profit from unmonitored and insecure systems and meet the challenges proactively.
Cyber security is a key concern for organisations of all sizes. Protecting devices, networks, data and apps is an essential component of doing business. Vodafone provides security products and services to businesses of all sizes, helping you secure your business anywhere because we are everywhere. We are trusted by organisations globally, including utilities, financial institutions and government agencies. For more cyber security insights, you can find us on Twitter and LinkedIn.
Gartner has positioned Vodafone as a "Leader" in its Magic Quadrant for Managed M2M Services, Worldwide report 2017, for the fourth consecutive year