3 Big Se­cu­rity Threats with In­creas­ing Con­nec­tiv­ity

Voice&Data - - TRENDS 2017 -

With pro­jected mar­ket rev­enue of $1.7 tril­lion by 2020, as es­ti­mated by the Wall Street Jour­nal in 2015, the In­ter­net of Things (IoT) stands to for­ever change the world as we know it. Lead­ers can cre­ate a ver­ti­cal-driven strat­egy that pro­duces pos­i­tive and proac­tive busi­ness out­comes but strat­egy won’t take busi­ness far, if it doesn’t ex­plic­itly ad­dress the unique se­cu­rity threats that are in­her­ent to the in­creased level of con­nec­tiv­ity.

Th­ese kinds of threats aren’t easy to iden­tify or mit­i­gate, which is ex­actly why nearly 60 per­cent of com­pa­nies say they plan to “even­tu­ally” im­ple­ment the IoT (i.e. once se­cu­rity no longer con­cerns them) and why nearly 30 per­cent have no plans to im­ple­ment the IoT at all as sug­gested by Gart­ner, but this is likely to change quickly.

With the num­ber of con­nected “things” grow­ing, it is ex­pected that more hack­ers will feed off the ev­er­grow­ing pos­si­bil­i­ties to at­tack, threaten and com­pro­mise busi­ness. Con­sider the re­cent IoT-driven DDoS at­tack on In­ter­net per­for­mance com­pany Dyn, which dis­rupted web­sites like PayPal, Spo­tify and Twit­ter. As re­ported by the Wash­ing­ton Post in Oc­to­ber 2016, Dyn’s Chief Strat­egy Of­fi­cer ad­mit­ted that some of the traf­fic that at­tacked the com­pany came from com­pro­mised IoT de­vices.

3 IoT se­cu­rity threats to ad­dress

Per­son­ally-owned de­vices: Re­search by Gart­ner shows that about 40 per­cent of US em­ploy­ees at large en­ter- prises bring their own de­vice(s) to work, and 75 per­cent of com­pa­nies, as es­ti­mated by Techno­prore­search cur­rently per­mit or plan to per­mit BYOD in the work­place. Today, there’s a clear need among busi­nesses to se­curely con­nect th­ese per­son­ally-owned de­vices that si­mul­ta­ne­ously per­form mul­ti­ple func­tions and con­nect to pub­lic, pri­vate and hy­brid clouds. It may be easy to se­cure en­ter­prise IoT, but this gets a lot trick­ier when com­pa­nies fac­tor in the de­vices em­ploy­ees are us­ing on their net­work. Just con­sider the 10 mil­lion An­droid de­vices that were in­fected this sum­mer with Chi­nese mal­ware. My sug­ges­tion: There is a need to im­ple­ment some sort of mal­ware de­tec­tion mech­a­nism and de­liver some level of au­to­ma­tion that can quickly de­tect ab­nor­mal­i­ties on em­ployee de­vices and pre­vent them from spread­ing.

Open APIs: An open API model is ad­van­ta­geous in that it al­lows de­vel­op­ers out­side of com­pa­nies to eas­ily ac­cess and use APIs to cre­ate break­through in­no­va­tions. At the same time, how­ever, pub­licly avail­able APIs are also ex­posed ones. Pro­mot­ing open­ness means any­one can write new APIs (which is a good thing), but that can cause some chal­lenges in the mar­ket. If an or­ga­ni­za­tion has un­doc­u­mented fea­tures of its API, for in­stance, or if some­one is rolling out an API and doesn’t have it prop­erly doc­u­mented or con­trolled, hack­ers can po­ten­tially take ad­van­tage. At the end of the day, busi­nesses must be cau­tious as to what is be­ing ex­posed and doc­u­mented when writ­ing APIs.

In­flux of Data: The amount of data be­ing gath­ered from today’s ev­er­grow­ing num­ber of con­nected “things” is sim­ply as­tound­ing. In fact, a BBC re­search shows that about 90 per­cent of all data

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.