By: Michael Vedomske
For many businesses, security remains an afterthought; something that is rarely considered seriously when implementing an Internet of Things (IoT) solution.
Why should business leaders be more proactive about comprehensive security practices? Because not doing so means investments to build IoT solutions that improve processes and draw insight from valuable data are exposed to outside attacks and sabotage. Businesses should assign to security the same importance they do to the design of IoT networks and devices. In fact, Gartner proposes that overcoming security issues will be the linchpin to IoT success. After all, what happens to the overall integrity of IoT networks if individual objects — pacemakers, defibrillators, vehicles, baby monitors, smartwatches, oil field devices, asset trackers or appliances — are not secure, individually?
Let’s take the first example of pacemakers. Within those devices, transmitters play a critical role in home monitoring systems that connect to implanted cardiac devices via wireless RF signals. Those transmitters read the data stored on the devices and upload that data to the cloud and patient care networks so that doctors can gauge the health of their patients. As acknowledged by the FDA earlier this year, those transmitters can have built-in vulnerabilities. The potential for illicit sources to take over the commands sent to the devices or the data sent from the devices greatly increases if end-to-end security implications are not considered.
Even a seemingly innocuous appliance like a refrigerator can possess Google account credentials for Google Calendar displays. All devices, objects, and things must be considered in the fabric of IoT networks. The degree of security reflects the value placed on not only the objects or devices themselves, but the "things" they connect to and the people and data ultimately impacted by those linkages.
IoT is supposed to increase people's ability to control and monitor the world around them in an intelligent and increasingly automated way. But, as connected devices grow in number and become ever more interconnected, that control and intelligence will depend on the weight given to security considerations. Networks of interconnected devices will only be as strong as their weakest links.
When considering ecosystems of connected things, and when investing in devices and the integrity of their interconnections, businesses must pay attention to the importance of the data to not only themselves, partners, and customers, but to unlawful sources that see value in that data as well.