The Insecurity of the Internet of Things

25 Nov

The Internet of Things is a hot topic at the moment.

In “Securing the Internet of Things”, Peter Sondergaard of Gartner reports:

Securing the Internet of Things represents new challenges in terms of the type, scale and complexity of the technologies and services that are required. The Internet of Things means sensitive information, such as device operation details and personal data, transitions from moving within secure networks to moving between third parties.

It’s inescapable: The fundamental meaning of security is changing as things both inside your enterprise and those you create become connected to the Internet.

In the blog Protecting Trade Secrets, Eric Ostroff also recognises the problem, and offers the advice:

As time goes on, it will be very difficult, if not impossible, to avoid using the “Internet of Things” in a business context. When you do connect devices to the internet, assume that they have security vulnerabilities. Thus, before connecting the device to the internet, you need to work with your IT department/consultants to make sure that it has adequate security features.

A lot of R&D is under way to work out how to secure the Internet of Things. However, for me, there is one simple thing you can do right now that will significantly help.


The principle is simple. When designing a zoo, you don’t put all the animals into one enclosure. Instead, you recognise that animals like lions, tigers and crocodiles are dangerous; so you build them their own separate enclosures.

So why not do the same for your network? One enclosure for the sensitive corporate data, one for your building management systems, one for your users' BYOD devices and a different one for IoT devices. Just as you feed each animal in the zoo via a controlled access point to make sure it gets the right type of food, a segmented network has control points that allow the data exchanges needed to support a business process.

This approach is called a segregated or segmented network, and tools exist to enable you to manage data flows between the segments: firewalls, guards, proxies, gateways and, for particularly dangerous animals, data diodes.

Many organisations have been taking this approach for years in the form of the DMZ. But now we are entering a time where a single segment – the DMZ – is no longer sufficient, and you need to consider segregating your network into many more segments.

Actually, this is good practice anyway, irrespective of the IoT.
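The enclosure model described above can be written down as a default-deny flow policy and checked against observed traffic. The sketch below is an added example, not part of the original post; the subnets, ports, allowed flows and sample flow records are all constructed assumptions, and traffic inside a segment is treated as permitted.

```python
import ipaddress

# Assumed address plan: one subnet per "enclosure" (constructed for this example).
SEGMENTS = {
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "bms":       ipaddress.ip_network("10.20.0.0/16"),
    "byod":      ipaddress.ip_network("10.30.0.0/16"),
    "iot":       ipaddress.ip_network("10.40.0.0/16"),
}

# Control points: (src segment, dst segment, dst port) -> enforcing control (assumed).
ALLOWED = {
    ("iot", "corporate", 8883): "gateway",     # telemetry to an MQTT-over-TLS broker
    ("byod", "corporate", 443): "proxy",       # user devices reach web apps only
    ("bms", "corporate", 514): "data diode",   # one-way log export
}

def segment_of(addr):
    """Return the segment name for an address, or 'external' if unknown."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "external"

def evaluate(src, dst, dport):
    """Default-deny decision for one flow: (verdict, reason)."""
    s, d = segment_of(src), segment_of(dst)
    if s == d and s != "external":
        return "allow", f"intra-segment ({s})"
    control = ALLOWED.get((s, d, dport))
    if control:
        return "allow", f"{s}->{d} via {control}"
    return "deny", f"{s}->{d}:{dport} has no control point"

def audit(flows):
    """Return the flows that violate the segmentation policy, with reasons."""
    return [(f, evaluate(*f)[1]) for f in flows if evaluate(*f)[0] == "deny"]

# Constructed flow records: (source, destination, destination port)
SAMPLE_FLOWS = [
    ("10.40.1.7", "10.10.5.20", 8883),  # IoT sensor -> broker: allowed
    ("10.40.1.7", "10.10.5.30", 445),   # IoT sensor -> file server: denied
    ("10.10.5.20", "10.20.0.9", 514),   # reverse of the diode flow: denied
    ("10.30.2.2", "10.30.2.3", 5353),   # BYOD to BYOD: intra-segment
]

if __name__ == "__main__":
    print(*audit(SAMPLE_FLOWS), sep="\n")
```

Because the allowlist is keyed on direction, the reverse of the data-diode flow is reported as a violation even though the forward flow is permitted.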

One Response to “The Insecurity of the Internet of Things”

  1. Deborah D Burns December 3, 2014 at 23:49 #

    Reblogged this on Deborah Burns.
