Blogs

Internet of Things (IoT) is Transforming Internet Security

04.21.14

IoT means “potentially billions of devices will report data about themselves, making it possible to create new applications in areas as diverse as factory optimization, car maintenance, or simply keeping track of your stuff online” as reported in MIT Technology Review. The IoT allows Internet communications with unique objects using Radio-frequency identification (RFID), QR codes, barcodes, and GPS in cells and tablets.

Computerworld identified the following 6 ways IoT will transform enterprise security:

1. The IoT will create billions of new (insecure) end points. Analyst firms have differing takes on the number of devices or “things” that will connect to the Internet by 2020. Estimates range from Gartner’s 26 billion devices to IDC’s somewhat dystopian projection of 212 billion installed devices. Regardless of which is right, the one thing that is certain is that a lot of IP-enabled devices will one day find a home inside enterprises. Examples include smart heating and lighting systems, intelligent meters, equipment monitoring and maintenance sensors, industrial robots, asset tracking systems, smart retail shelves, plant control systems and personal devices such as smart watches, digital glasses and fitness monitoring products.

2. The IoT will inevitably intersect with the enterprise network. Just as there are no truly standalone industrial control networks and air traffic control networks anymore, there won’t be a truly standalone enterprise network in an IoT world, says Amit Yoran, general manager at RSA and former director of the National Cyber Security Division at the U.S. Department of Homeland Security.

3. The IoT will be a world of heterogeneous, embedded devices. Most “things” in an IoT world will be appliances or devices with applications embedded in the operating system and wrapped tightly around the hardware, said John Pescatore, director of research at the SANS Institute in Bethesda, Md.

4. The IoT will enable physical and physiological damage. While online threats mainly affect data, in an IoT world there will be physical and physiological risks as well, said Michael Sutton, vice president of security research at Zscaler.

5. The IoT will create a new supply chain. In a majority of cases, enterprises will have to either rely on device manufacturers for patching, firmware and operating system support or find a way to support the technologies on their own. Many of the devices that connect to the enterprise network in the not-too-distant future will be from companies that traditional IT security organizations are not familiar with.

6. The IoT will exacerbate the volume, stealth and persistence of online attacks. In theory at least, the threats posed by a completely interconnected world are not very different from the threats faced by most IT organizations today. Many companies are already intimately familiar with the challenges posed by smartphones, tablets and other wireless-enabled devices. What is different with the IoT is the sheer scale and scope of the challenge.

IoT has been discussed since about 1991, particularly with the use of RFID, but as the Internet grows IoT will become more important to security for all business and individuals.

The publications contained in this site do not constitute legal advice. Legal advice can only be given with knowledge of the client's specific facts. By putting these publications on our website we do not intend to create a lawyer-client relationship with the user. Materials may not reflect the most current legal developments, verdicts or settlements. This information should in no way be taken as an indication of future results.

Search Tips:

You may use the wildcard symbol (*) as a root expander.  A search for "anti*" will find not only "anti", but also "anti-trust", "antique", etc.

Entering two terms together in a search field will behave as though an "OR" is being used.  For example, entering "Antique Motorcars" as a Client Name search will find results with either word in the Client Name.

Operators

AND and OR may be used in a search.  Note: they must be capitalized, e.g., "Project AND Finance." 

The + and - sign operators may be used.  The + sign indicates that the term immediately following is required, while the - sign indicates to omit results that contain that term. E.g., "+real -estate" says results must have "real" but not "estate".

To perform an exact phrase search, surround your search phrase with quotation marks.  For example, "Project Finance".

Searches are not case sensitive.

back to top