While IoT has already made itself comfortable in the corporate world, it is an issue that remains controversial and should be treated with caution. Thinking of the BYOD (Bring Your Own Device) trend, experts quickly realized that smart devices and other IoT parts create a grave threat to a company’s security level. The truth is that the extra productivity and cost savings an enterprise gets out of this whole deal is proportional with the increasing number of network vulnerabilities that can be exploited via unsecured endpoints. Read our previous article on endpoint security here.
The Internet of Things or the Internet of Threats?
You may tell yourself that not all IoT devices can be threatening to the cyber well-being of your company. And that is where you are partially right. Indeed, not all of them are critical to your corporate security. There are some devices that can have a more damaging impact than others. Take for instance, a Windows 7, 8 or 10 workstation where the user frequently deferres updates and patches. When you expose such a device to the network, you basically offer hackers your data on a silver platter. Security best practices in a digitalized work environment are crucial to combat the double-edged sword effect of IoT and prevent it from becoming the dreaded Internet of Threats. At ITrust, our experts are continuously monitoring the state of the cyber-landscape and, as a result, act as security ambassadors in their pursuit of creating mass awareness. For more tips on how to acquire the most effective cyber-routine, you can consult the 10 most encountered security breaches here.
If you’re still not convinced of the risk businesses are taking when enabling large-scale remote controlling of their network assets, perhaps you would like to know that Gartner estimates the number of connected devices in business sectors to reach the order of billions by 2020 (20.8 billion, to be exact). On top of that, add the fact that most of these devices will not be secured by default, for the simple reason that their creators did not perceive security as a primary consumer need to begin with. This is the reason why scenarios such as hackers disabling the air traffic control center of an airport are becoming more and more plausible.
Hackers can do more damage now than ever before
The more internet-enabled machines we own, the easier it is for third-party devices to override our control of them. This year only we were able to witness hospitals being overthrown by ransomware (read our ‘How to avoid being in a data hostage situation’ article here), crippled not only financially, but also operationally. Imagine being a nurse in the Hollywood Presbyterian Medical Center and not being able to access your patient data because someone else clicked on an infected email attachment and now the malware it was carrying has taken over the entire network. Or even worse, imagine being the patient.
The evolved world provides use with numerous convenient advantages. We can synchronize all our devices, bring our own laptop to work or, vice-versa, bring our work computer home. Unfortunately, it also provides hackers with new opportunities to take advantage of the increasingly digitized and connected manner businesses are conducted in. Just this week, the FBI issued a warning to all smart car drivers that automated vehicle hacking is a very real risk.
What is left to be done?
One thing is for sure: if done right, IoT will completely revolutionize our way of living and, implicitly, our way of working. Despite the underlying risks, if businesses were to understand the need for advanced security analytics, the Pandora’s box of the digital era could remain closed forever. Organizations need to shift their focus on real-time detection of advanced threats and acquire full visibility where their security level is concerned.
Reveelium is a solution developed by ITrust with the aim of bridging the intelligence gap that antiviruses are confronted with and preventing IoT from wreaking havoc in the business environment. Learn more.
Cristina Ion (@_cristinaion_ or @Reveelium_AI) is the Community Manager of Reveelium Inc., a subsidiary of the French cybersecurity provider, ITrust and specialised in behaviour analytics and machine learning applied to the field of cybersecurity.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…