While the security of IoT devices is a growing area of concern for the enterprise, the biggest IoT risk for businesses is if they decide to react to IoT issues rather than plan and prepare for them. Everybody knows that the earlier in a cycle you can deal with a problem, the less expensive it is. The IoT at its core is about sharing data. Some of that data may be benign but in all likelihood some of it will be sensitive, private or confidential and if that data is exposed in unintended ways you may find yourself squarely in the middle of an intellectual property loss or compromise.
When WiFi first starting making its way into the marketplace many organizations were ill prepared to understand the risks associated with laptops that literally travel around the world and communicate with networks you have no control over. All of a sudden, you had to think about all of the “What if?” scenarios of where those systems and the data on them may be.
The question about which devices may cause the biggest problems depends on the industry you’re talking about. The data you care to protect is different for healthcare, manufacturing, automotive, travel, agriculture, warehousing or telecommunications.
Regardless of the industry, however, there are common issues that will create potential problems and some of the important ones are as follows:
- Ensuring that data collected and transmitted by IoT devices are secure in transit and at rest
- More IoT devices means more opportunities for breaches and hacking
- Many IoT devices are like to be very small and portable, making them more difficult to trace, monitor or even find
Brad Johnson is Vice President of SystemExperts Corporation and has been a leader of the company since 1995. He has participated in seminal industry initiatives including the Open Software Foundation (OSF), X/Open, the IETF, and has published many articles on open systems, Internet security, security architecture, ethical hacking and web application security.