Rethinking security in the era of Internet of Things

by Sohini Bagchi    Jul 31, 2013

internet of things

The emergence of Internet of Things (IOT) — the connection of physical devices to the internet — will rapidly expand the number of connected devices integrated into our everyday lives, while at the same time, it will expose businesses and individuals to security risks of incredible heights, believe experts.

Beyond traditional perimeter 

“With Internet of things gaining prominence, connectivity will be present everywhere. This means that everything that can be connected will be connected,” says Amitabh Ray, senior vice-president, Ericsson India Global Services. However, this will give rise to a new security and privacy concern, as along with devices, hackers will also be better equipped, and target sensitive data from internet-based sensors.

Experts point out by 2020, trillions of sensors will be feeding data across the internet, recording everything from people’s movements to what they have just bought. with the humongous data sharing that will be involved in the world of IOT, cyber security needs a new approach.Dan Wood, senior marketing manager of HP explains that the data deluge in the era of Internet of things corroborates that traditional perimeter and data defenses are not going to be sufficient for enterprises to protect themselves.

Based on a recent survey conducted by HP Research, Wood believes the brand and customer reputation will depend on how responsible and secure a company is with customers’ data. As businesses gain greater access to data on their customers, including their location and context, they have to make ethical decisions on how to use customers’ information, as some part of it will always remain private and needs to be secured. According to Wood, these are not decisions that are meant to be taken solely by the CIO or the CSO, but it has to be collective responsibility of all the board-level executives in the organization who are responsible to manage the risks.

Data democratization

According to some, security in the era of IOT is more about data democratization. “Enterprises have to move beyond monitoring to control. To fully understand the value of internet of things, companies must bring new levels of autonomy to operations,” mentions Christopher J. Rezendes, president of INEX Advisors, a consultancy focused on the IoT in a recent blog. He says: “The autonomy will require devices to operate in independent mode, and support remote access to control functions. For example, they will have to ensure secure-two-way communications among devices.”

Experts opine that businesses investing in the IOT, need to establish new standards of construct including the technologies to secure the internet of things as well as new standards of conduct that includes policies to secure the IOT. As Rezendes points out in the blog, the first step should be to acquaint yourself with resilient networking principles that explores network or cyber security in more connected, automated, and dynamic digital networks that comprises IOT.

While developing policy around their IOT investments, enterprises should work with utmost caution. As Chris Clearfield, a principal at System Logic, points out enterprises should ask ‘why’ a specific device should be connected before connecting it and who will benefit? What would be the benefits? And likewise a set of key questions that can become a useful framework for working with partners to frame mutually agreed policies.

Experts believe ensuring success in the world of IOT will depend on not only defining the right security technologies, but also the right policies and its implementation. Internet of things has huge potentials and by realigning security systems to limit its potential threats, businesses can reach a new era of innovation.