IoT: Connect Everything, Segment Everything
With IoT largely in a testing phase, there’s too much at stake to not implement security measures.
We live in a world in which new technology solutions seem to emerge every day -- and the pace of innovation is rapidly accelerating. In 2017, we saw tech game-changers like self-driving vehicles, artificial intelligence, and Internet of Things (IoT) really start to take off.
IoT, in particular, is a major disruptor in the telecommunications industry, enabling devices and sensors to 'talk' to each other without human intervention. IoT is being leveraged practically today, for example, to monitor moisture levels in soil or to trigger an alert and video stream when someone rings your doorbell. A consumer may be walking by a retail shop and receive a custom sale alert to his or her smartphone -- this is IoT in action.
But beyond the conveniences in the consumer market, businesses can realize significant cost savings by deploying IoT -- or better yet, grow sales. In fact, a Gartner study found that in 2017, business IoT spend represented 57% of overall IoT spending for the year, signaling that more businesses are jumping on the IoT train. Competitive businesses can't get left behind and simply have to participate. However, companies getting their feet wet with IoT need to be aware of the greatest challenge awaiting them -- cyber security.
With the intelligence, cost savings, and sales growth that IoT affords, also comes great security risks. You probably don't need to be reminded of the significant security breaches from the past year. In fact, breaches have become so common that we've become accustomed to it. And now that IoT is being deployed and leveraged in cars, homes, medical devices, and other business, the entry points for breaches have grown exponentially. So any business implementing IoT needs to ask itself, what about security and privacy? What about security and privacy for both the organization and individual users?
A whopping 96% of IT security professionals expect an increase in cybersecurity attacks on industrial Internet of Things (IIoT) devices, according to a Tripwire study. And 51% of the 403 professionals surveyed indicated that they do not feel adequately prepared for security attacks that in some way exploit or misuse IIoT. Vertical industries such as energy, utilities, government, health care and finance face higher threats from digital attack, which could result in damage not just to network systems but to infrastructure.
There's going to be some significant security breaches with IoT -- it's just a matter of time.
However, consider Voice over IP services and how it rose to prevalence within the enterprise. This service has moved into mainstream technology without significant security issues. How might IoT do the same? There are ways to minimize security risks, such as encryption, CHAP , VLANs, firewalls, and SBCs. These go a long way in protecting you and your business. Unless the business is a household name or the organization has many opponents (e.g. Democratic National Party hack in 2016) most hackers are looking for easy targets to exploit.
Quite simply, there's too much at stake to not implement security measures and specifically segment the IoT devices from core systems and servers. Today, so much is in the cloud already, with security measures around them, but IoT in general right now is in a testing phase. There's great optimism, but no need to put these devices on the same network as mission-critical applications.
We truly are in a new chapter of technological advancements, which makes The Jetsons and 2001: A Space Odyssey seem a lot more realistic than a few years ago. However, if there is going to be 50 billion IoT devices by 2020, we need to lay a foundation with resilient security standards or the repercussions could be catastrophic to our safety and security.
"SCTC Perspectives" is written by members of the Society of Communications Technology Consultants, an international organization of independent information and communications technology professionals serving clients in all business sectors and government worldwide.