IoT to create new challenges for enterprise security

Ashok Kumar

Enterprises will have to ramp up their security infrastructure to prepare for the new threats associated with the Internet of Things (IoT). The Internet of Things (IoT) phenomenon undoubtedly offers tremendous scope for businesses to introduce new innovations, improve user experience and enhance customer service. However, as more and more devices get connected to form the Internet of Things, the opportunities for cybercriminals to create nuisance will also be much higher.

According to reports, the number of internet-connected devices is expected to reach 50 billion by 2020. This will automatically multiply the number of security risks or vulnerabilities that we will have to prepare for. Any new device connecting to the internet opens a new door for cyber criminals. In a recent incident we saw Wi-Fi passwords being leaked by a mere hack of smart LED light bulbs. Although the attack was not devastating in nature, but it clearly demonstrates the extent of damage that can be caused by seemingly harmless objects.

Even as IoT creates a more consumer-oriented and user friendly environment, it also brings in a fair share of complexities that need to be addressed. To be able to reap the benefits of IoT, organizations will first have to ensure that the right security model is in place to tackle the new security challenges that emerge. It's not just about protecting the IoT devices here. The area of concern goes even further to include consumers, web applications, mobile applications, cloud and everything within the parenthesis. In order to prepare their security environments for IoT, enterprises must evaluate the challenges it poses and create a secure infrastructure combining the latest tools and technologies that can be easily upgraded with increasing threats.

Stronger authentication without compromising user experience

There is need for authentication beyond the realms of the traditional firewall. With the increased adoption of IoT, users would be able to access the internet through multiple devices. This would obviously enhance their experience and expectations at the same time. The security mechanism has to therefore focus on creating a strong authentication framework without causing too much inconvenience to the users. Network visibility and continuous monitoring To be able to control and track the large number of inter-connected, enterprises will have to ensure complete network visibility and constant monitoring of all endpoints. Going forward, this kind of a security approach will become critical to detect any kind of faults, anomalous activities or suspicious incidents.

Safeguarding the entire ecosystem

So far most companies have relied on security tools and practices that are more reactive in nature, focusing on occasional assessments, disparate point solutions and manual response. Enterprises would now need to adjust their security architectures to better align with IoT-led IT environments and threat landscape. IoT would require an entire ecosystem to safeguard the network under a unified security platform rather than providing disparate security across different devices.

Managing legitimate access & control

While data encryption and authentication are important to maintain control, what is also essential is the understanding of the relationship between different parts of the ecosystem. Understanding the roles of different people in the organization, their specific requirements and knowledge of who needs access to what kind of data would help organizations in establishing the legitimacy of the user.

Flexibility to support new devices

The entire process of designing a platform that would unify the security management for multiple devices could be a challenging task in itself. But what is of a greater significance is the fact that businesses need to be flexible enough to support new services and devices as and when they come up. IoT is a phenomenon that is still in its early stages therefore one has to prepare for continuous growth and addition of new devices to the ecosystem.

The author is the MD and CEO, RAH Infotech