Should businesses scan everything connecting to their networks?
The Internet of Things has been slowly gathering pace in the last few years but with it being the focus of the Consumer Electronic Show (CES) earlier this month it needs to be on every business’ radar.
“We’re entering the third age of technology,” said Samsung UK vice president Robert King. “It’s no longer about standalone devices but interconnecting them so they can do more together.”
CES had a common theme of connectivity, with most products needing to have a connection that links to the Internet or to another connected device, like a smartphone. The advances being made will truly change our lives in the capital.
Everything from a new cycling helmet that will be able to detect approaching cars, reducing accidents, and smart pedals that warn the owner when their bike has been stolen, was showcased at the event.
While everyone is getting excited by the number of smart devices becoming available, we do need to consider what this means from a privacy perspective. At the event the US Federal Trade Commission warned about the amount of information some of these devices collect on an individual.
For example, could corporate health companies tap into the information from employees smart gadgets to determine the coverage needed and increase premiums? Or if companies themselves are given this data, what impact will that have on its recruitment policies?
The possibilities are endless; which means that security has to be at the priority when thinking about adopting these technologies.
It is not just the data gathered by these devices that can impact people, and the businesses they work for. As more and more ‘things’ become connected to the Internet, businesses need to be aware of what devices will, unintentionally, be considered part of their WAN, and extended network.
If an employee uses their phone to connect to their fridge at home, will the fridge then be part of the business WAN? It is something to consider, especially as it has already been reported that fridges connected via IP have been used in a botnet to send spam messages. With the deployment of IPv6 all devices will get a public IP address to the internet. This will aid communication when controlling or accessing devices remotely but it will open up a huge range of new vulnerabilities.
Another aspect that is adding to the IT department’s proverbial headache is the amount of data that could be shared over the Internet. How will they secure this data? How can they ensure that confidential data doesn’t get shared, or becomes vulnerable? Will the business network be able to cope with the amount of data it has to handle?
Huge automation is clearly an important building block in this next stage of the evolution of the Internet, which according to Intel could lead to some 31 billion web-connected devices by 2020. This will bring a whole new level to IT security as everything will be connected, and if this system runs autonomously, who will be keeping check?
All this means a significant focus on network security for businesses. ABI Research predicts that the total expenditure for mobile security management applications and services will double by 2015, to more than $1 billion, to allow for the systems such as secure back-up, remote data wiping, and encrypted communications that business need to stay secure with the advancement of BYOD and the Internet of Things.
With the Internet of Things, it isn’t an either or situation when it comes to connectivity and privacy. As smart devices advance, so does the security to support them. Businesses just need to ensure they are fully aware of what is connecting to their networks, and ensure they have the right technology and policies in place to protect the business.