Note: This blog is the fourth in a monthly co-authored series written by Charlotte O’Donnelly, Research Associate at Blue Hill Research, and Matt Louden, Brand Journalist at MOBI. MOBI is a mobility management platform that enables enterprises to centralize, comprehend, and control their device ecosystems.
Transforming operations and ushering in a new age of security concerns and protocols that businesses will face going forward, IoT converts each business access point into a new potential data source, generating feedback that changes on a per-second basis. As such, the volume and granularity of this data makes it a highly valuable resource to enterprises and a clear target for nefarious activity. Unlike enterprise security of the past, IoT device and network security must keep pace with the rate of real-time data and thousands or millions of new enterprise access points that can potentially be compromised.
All it takes is a look at recent headlines about breaches at companies like Yahoo! and Target to realize business and consumer data is no longer safe from prying eyes, especially now that it’s largely stored and transmitted through the cloud. Security breaches aren’t just becoming more prevalent; their impact is becoming more serious. A major security breach could put a company out of business or destroy its brand reputation if customers, vendors, and partners lose trust in the organization’s ability to securely operate.
The threat of sensitive business information on unsecured mobile devices or wireless networks became a concern with the advent of enterprise mobility and machine-to-machine (M2M). With machine-to-machine (M2M) technologies, one machine communicates with another across an internal network via embedded hardware modules, making data much more localized. In the wider networks of IoT, this threat becomes even more pronounced as IoT data is shared with internal networks, in the cloud, and on devices. The sheer reach and volume of data generated makes IoT security an unprecedented challenge for businesses.
IoT devices also suffer from a lack of industry-wide security standards. In enterprise mobile technology, security largely takes place at the component level: manufacturer security at the device level, enterprise security at the software layer, and network security in the cloud. When IoT software is overlaid onto built-in device security, the same basic device now has two very different and distinct security profiles. That makes it challenging for enterprises to manage all program access points: the device, network, and data.
IoT device manufacturers need to work together to develop secure, universal architecture and code management standards. Unfortunately, this level of “coopetition” is a long way away. For now, enterprises are left to develop their own security standards, causing the number of data breaches to grow as companies navigate this new world of device security.
As IoT often involves investing to make currently owned devices and equipment smarter, eliciting the behavior change required to provide adequate security for IoT devices can be a challenge for organizations. For mobile devices, many companies address security and management challenges by working with a third-party Enterprise Mobility Management (EMM) vendor whose software provisions secure and standardized protocols to entire device inventories. By outsourcing these tasks, enterprises gain best-in-class solutions without incurring significant overhead or tying up scarce IT resources. Much as they did with mobile devices in the past, today’s EMM vendors are increasingly incorporating IoT devices into their platforms and building out industry best practices for this new technology.
In the future, organizations will incorporate all IT assets (mobility, M2M, cloud, IoT, and traditional legacy infrastructure) into a single management platform —in many cases through a third-party relationship. Like mobile device security, IoT will largely be driven by outside partners that have experience incorporating IoT devices into enterprise device management portfolios and security protocols.
To successfully accomplish this, IT will need to involve virtually every organizational decision-maker within telecom, procurement, and purchasing departments. An enterprise’s IT asset buyers have not traditionally been the same people setting up carrier accounts or paying the bills. By bringing together different departments, businesses can get closer to creating IoT standards that minimize the risk of security breaches and allow businesses to better compete in this new era: the Internet of Everything.