Solutions Review—April 9, 2019
Today is IoT Day! On this day, we celebrate the power and potential of Internet of Things (IoT) devices to revolutionize our business processes. Research giant Gartner predicts IoT devices shall number over 20 billion globally by next year.
However, IoT devices come with severe endpoint security risks enterprises must address before connecting to them to their IT environments. While we should enjoy the capabilities lent to our businesses through the IoT, we should use IoT day as an opportunity to assess our security postures.
Therefore, we consulted with cybersecurity experts on why securing IoT devices matters to enterprises’ IT environment.
Why Securing IoT Devices Matters
Famously, IoT devices overall lack any kind of inherent endpoint security. Most manufacturers don’t prioritize securing IoT devices in any way; as a rule, they emphasize fast production and quality services.
Moreover, those manufacturers who do prioritize securing IoT devices often upload poor endpoint protections. In some cases, the manufacturers leave security vulnerabilities such as their (easily crackable or guessed) administrator credentials. In other cases, the endpoint security embedded in the IoT creates integration issues with other cybersecurity solutions.
Finally, even if embedded IoT endpoint security doesn’t run into these issues, they come with updating and patching issues. Securing IoT devices, just like securing other endpoints, relies on properly patching your cybersecurity, keeping it up-to-date. Without these updates, your endpoint security might lack the necessary threat intelligence to combat evolving cyber attacks.
However, IoT device manufacturer often make patching or upgrading their cybersecurity firmware challenging and frustrating. Additionally, manufacturers often fail to communicate their upgrades to their customers, leaving them in the dark.
Cybersecurity Experts on Securing IoT Devices
We could go into more detail on the importance of securing IoT devices with next-gen endpoint security. However, we thought we would use the occasion of IoT Day to consult with some cybersecurity experts on the matter. Below, we give their statements, with a few slight edits for readability.
Cliff Duffey, President and Founder of Cybera:
“The myriad of end user devices, IoT, workforce mobility and multi-cloud technologies that define and advance digital transformation has an unfortunate downside of increasing complexity at the network edge, as well as the probability of data exposure and potential attack vectors to remote businesses.”
“It is especially troublesome for business operators at the network edge, who may lack technical expertise, yet are susceptible to many cyber threats and security risks that IoT can introduce. Often, these remote site operators view technology changes as more foe than friend because of how far-removed they are from central decision makers.”