Adopting IoT Is Semi-Adapting Risks, Unless Mitigated
IoT (Internet-of-Things) is expected to create new value by connecting everything to the Internet. In particular, a system that highly integrates cyberspace (virtual space) and physical space (real space) to realize a future society that achieves both economic development, the solution to social issues and also entertain us in our daily lives. The public and private sectors are working on connected industries aiming to create new value and solve social issues using technologies such as IoT and AI. Companies will also have many expectations for IoT, which uses visualization technology to visualize the field and to find new value through advanced analysis with existing data.
Though many organizations and individuals grew paranoid with massive data collection in both private and public sectors, the current situation is that data collection is performed for some purpose such as maintenance of equipment, for mundane purpose instead of companies becoming big brothers of the common Joe and Jill. The driving force when it comes to Internet-connected devices in the enterprise environment is not from the IT team or the board-of-directors but from employees themselves. The natural evolution of BYOD (Bring Your Own Device) is IoT, simply regular appliances with an Internet connection.
Considered as a security nightmare by IT professionals, IoT is taking the world by storm as hardware vendors are using “Internet-enabled” feature of these appliances as a “feature” worth every dollar. In the recent Internet of Things World report, aside from implementing IoT devices to the enterprise network, security of those devices is a major point of contention. Cost is never a big aspect of an organization for installing IoT devices (3%). Security and Implementation concerns occupy the largest share of issues that need to be answered when installing IoTs (59%).
Not all organizations are gullible, in fact a sizable number of them 45% mentioned that they are only deploying IoT devices in a separate LAN/WLAN instead of connecting them to the main corporate network. While 46% of the respondents highlighted their employees are trained well when it comes to responsible utilization of IoT devices. “Cyber threats come from so many different directions for the modern enterprise. So often the difference between being compromised and being secure is having done the checklist of best practices, like making sure every device has the latest software updates. Our research showed that luckily IoT executives are very aware of this reality,” explained Zach Butler, IoT World’s Director.
The supplementary definition of role separation in IT is also a good practice in order to lessen, mitigate if not stay out of the radar of possible attackers. People in the organization with access to the admin account of the devices need to be clearly defined, and the moment they left the organization, the same access needs to be revoked. This is the same level of User Account Management as a regular domain account in the corporate network. More staff under the IT department lengthens the capability to address potential issues before it actually happens. A small IT staff is a magnet of problems in any organizations, as all are dependent on technology these days.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.