Whether we’re ready for it or not, the Internet of Things is coming, and soon. You might see all sorts of connected devices on the market today that you would never think to connect to the Internet, but it’s our responsibility to inform you that these new devices could potentially put not just your business infrastructure at risk, but even your own life.
Security experts have long discussed the repercussions that the Internet of Things will have on the world of cyber security. It’s been predicted by Gartner that an average of 5.5 million “things” are added to the Internet of Things every day. This could include anything that connects to the Internet, but usually only refers to consumer goods that wouldn’t normally have any sort of wireless network connection built into them. By the end of this year, there will be approximately 6.4 billion IoT devices on the market.
The real problem here is that these numbers continue to increase by the day, and if the IoT’s growth is any indication, it’s not slowing down anytime soon. There were 3.8 billion in 2014, and 5 billion in 2015, so it’s not a stretch to suggest that the number of “things” connected to the Internet of Things will exceed 20 billion by the time 2020 runs around. Many researchers believe that the first major IoT data breach will happen sometime within the next few years.
At first glance, it might seem like many IoT devices are of little consequence and shouldn’t be worried about on a cyber security level. Appliances like blenders and toasters seemingly don’t hold much value to hackers. The problem, however, comes not from the devices themselves, but the networks that they’re connected to. If a hacker can bypass the security features of a smart device, they can potentially gain access to the network, and other devices connected to it.
Of course, the potential for damage extends far beyond the scope of just your own business. When you consider how computerized cars and physical infrastructure components, like dams and power plants, have become, you might realize that there is the potential for disaster, all thanks to the Internet of Things.
For example, what happens when a hacker disables a car’s brakes, or they decide to override a system setting on a dam and flood the surrounding landscape? As the potential for damage increases, so too does the potential for a hacker to grow interested in a target.
Why Vendors Aren’t Doing Anything About It
One of the major reasons why vendors are creating devices with security vulnerabilities is perhaps because of the lack of actual regulation and standards put into place to ensure quality of the device. In part, this is due to organizations refusing to spend money on devices that aren’t guaranteed to turn a profit. Thus, popular devices from different markets--not just consumer electronics, but also appliances and other industries--may wind up being manufactured with major security flaws that can be exploited by hackers.
Then there’s the problem with applying patches or updates to these IoT devices. When you think about it, there are two major ways to resolve a problem with your device; either download the patch, or replace it entirely. Considering how many of these IoT devices are both expensive and difficult to replace, the latter isn’t exactly feasible. Imagine purchasing a smart car with a security vulnerability that cannot be patched. You’d have to purchase a new one in order to keep yourself safe. That’s not just unreasonable--it’s also economically challenging, as this new technology is still quite expensive, and remains as such until demand or competition increases.
What You Can Do
Due to the Internet of Things’ incredible reach, it might seem like an intimidating notion to protect your business from the countless threats that could reach your infrastructure. You need to implement enterprise-level security solutions that can keep unapproved devices from connecting to your Internet connection, and you should always be conscious of how and where your data is shared outside of the office environment. Therefore, it becomes necessary to implement solutions with preventative security in mind, that keep threats from entering your network in the first place.
Paradigm Computer Consulting can assist your organization with the solutions you need to secure your network. With comprehensive solutions like enterprise-level firewalls, antivirus, spam blocking, and content filtering, you can keep your in-house network locked down nice and tight. Furthermore, you need to implement a solid BYOD policy that helps you manage the devices that connect to your business’s network. This should include a mobile device management solution that allows you to limit device exposure to corporate data, whitelist and blacklist apps, and remotely wipe devices should they be lost or stolen. To learn more, reach out to us at (603) 647-8614.