In a recent survey conducted on C-level executives, 63 percent plan to implement the Internet of Things (IoT) within their companies. Yet only 27 percent cite any misgivings about the security of doing so. This is disturbing, since most security analysts have serious concerns over the IoT and what cyber threats it will potentially open the door to. Some businesses have even turned to white hat hackers to help identify and eliminate security problems before the IoT becomes mainstream in business. How should your IT service desk be preparing for the IoT to keep your systems secure?
Recognize the Dangers Inherent in the IoT
The first problem is to recognize there is a problem. The IoT isn’t something in the far-away future; it is here and now. Smart devices are making their way into business in the form of smartphones, tablets, smart watches, Google glasses, and other connected devices. This opens the pathway to security problems within the devices, as well as in the cloud services that support the mobile workforce, global networks used to transfer data among devices and systems, local networks, the firmware and apps used by the devices, and the users themselves. Be aware of what security challenges come along with smart devices, whether your business utilizes BYOD or company-owned devices. Apple’s Mac OS X, Google Docs, and other mobile-friendly technologies have already proven dangerous in the world of hackers and cyber terrorists.
Security Should Start From the Beginning of Implementation
In order to address these issues, the IoT should be developed from the ground up with the focus on security, rather than adding security on as an afterthought. Hardware, including networking components, applications, and systems should be developed for security, not developed and then retrofitted with security measures. As your company discusses and prepares to adopt the IoT, think in terms of developing it for easy monitoring and threat addressing. In this age, breaches will happen. It’s a matter of identifying threats quickly and shutting down the attacks before damage is done.
Use Care When Selecting Devices
With BYOD, companies have less control over the devices and applications users choose. A good IT asset management system can help you control who has access via what device, and can help you control issues like employees who leave and continue to access the system, devices that are stolen or lost which contain sensitive information, and devices and software that need to be updated in order to keep security at the highest levels possible. For example, there is indication that Apple devices are more at risk than Android. Security issues with these devices has led to more malware development for iOS, and more serious breaches. IT needs to be aware of these security gaps and prepared to address them.
Educate Users on the Dangers and Safe Device and App Use
Educating users is a last tier of defense for the service desk. No, not all users will listen, and likely even fewer will follow all the advice given. But having knowledgeable and cognizant users can help prevent at least some of the security problems brought by the IoT. Education should be provided regularly, as people tend to forget and become lax about things after using new devices for awhile with no issues. Teaching should also be easy to understand and should be presented in a way that makes it personal and relevant to them and their lives.