According to Gartner, there could be 25 billion Internet-connected things (IoT) stimulating nearly to US$2 trillion of economic benefit universally by the year 2020. Although, the technology of things is advancing with each passing day, security concerns major roadblocks to their IoT growth. This can be explained with a simple example that when the extent, complexity and diversity of a business grow, new rules for ensuring security must be created.
Image Credits: metiscomm
However, the prime challenge here is that most of the organizations are deficit of the skills, visibility and capability to secure the IoT with right management.
The thing is that technological boost has made it difficult to set up security standards that are hard to break through. For instance, the increasing dependency of IoT on Cloud computing that drives the adoption of smart devices built in with many sensors along with millions of applications to support those makes the data vulnerable to ‘hack’ while making it accessible everywhere, any time.
Analysts at EY say that there are no truly integrated environments to support this interconnected technology. Plus, cloud computing is in need of serious improvement, particularly in terms of security.
Such factors definitely influence the ability to identify threats reliably and comprehensively based on static deployment of security appliances at fixed locations. The fact that anything outside the perimeter is insecure and anything inside is secure, no longer holds true.
Focus on Detection
Despite of all the challenges, ensuring security is must. By assuming that breaches are inevitable, modern security strategies should strive to detect and cover the breaches from within, in addition to stopping them. The strategies could be:
- Provide traffic visibility from physical and virtual environments reliably even when users, resources and applications change.
- Eliminate the requirement of identifying static choke points within the network or speculations on where the security appliances should be placed for getting appropriate traffic feeds.
- Detect malware that leverage encrypted communication channels along with protecting sensitive information.
- Send relevant traffic streams to specific security appliances only for better efficiency and effectiveness.
Hence, the security team on every business will need the right skills and tools to identify the IoT devices, secure IoT data and traffic, and determine the difference between legitimate and suspicious communications.