GlobalSign Blog

07 Nov 2014

What IoT Security means for Enterprises, Consumers, and Manufacturers

The Internet of Things cannot be stopped.

That's not a bad thing. The IoT can deliver tremendous, unparalleled benefits for major enterprises, small businesses and government agencies. The potential for real-time insight, advanced big data analytics and high-quality business intelligence is virtually limitless.

That being said, business leaders and decision-makers must realize that embracing IoT is not a simple process. Its interconnected nature delivers new possibilities, but also creates new vulnerabilities. These vulnerabilities are a concern for consumers and enterprises using the IoT solutions, as well as the companies manufacturing the solutions and devices. We'll go over the concerns for each below.

For Consumers

Even the simplest household items are becoming Internet-enabled. Take, for example, Lifx and its smart light bulb. An excellent example of the IoT, this smart bulb could connect to owners' home WiFi networks, allowing users to control their houses' lighting via smartphone or tablet. Unfortunately though, a cybersecurity consulting firm proved that it was possible to gain access to a user's WiFi network by exploiting a vulnerability in Lifx. While this was a demonstration, rather than an actual cyberattack, it still revealed the new reality created by IoT's expansion: Even a light bulb now requires cybersecurity.

Biggest concerns:

  • Home network protection
  • Malicious attacks (e.g., hacking a keyless entry device, a garage door opener, or any other home system connected to wifi)

For Enterprises

The rise of IoT means that companies will inevitably increase their use of interconnected devices in-house. Unaddressed vulnerabilities in these machines can and will lead directly to devastating data breaches and other incidents.

Organizations need to identify their IoT contact points. By its nature, the IoT creates a huge number of these points, each of which can potentially serve as entry for a hostile cyberattack - again, consider the example of the smart bulb. Any firm that aims to take advantage of IoT needs a thorough understanding of exactly where the vulnerabilities may emerge.

Biggest concerns:

  • Protecting sensitive internal information
  • Malicious attacks through unsecured devices

For IoT Solution Providers/Manufacturers

Obviously, a breach like the Lifx one described above could have serious consequences for the homeowner. But the solution provider itself is also likely to suffer the brunt of IoT security failures.

Consumers today realize the importance of identity protection - they know they must be careful with their sensitive information to avoid the possibility of identity theft or fraud. And a big part of these precautions is avoiding patronizing those companies that have experienced data breaches or other security incidents. A firm that delivers IoT-connected devices to consumers or businesses will see its reputation, and its bottom line, significantly damaged if cybersecurity flaws come to light.

Companies that will offer IoT-enabled products and services need to understand the access points created by their products, and also have the ability to clearly convey this information to potential clients.

Biggest concerns:

  • Preventing malicious attacks via their devices
  • How to communicate any vulnerabilities to their customers
  • Addressing security concerns at the manufacturing level

New approaches to security

With the 50 billion “things” of the internet expected to flood the market in the next 5-6 years, IoT companies will need to address security concerns from the beginning of the design process, keeping in mind all of the concerns that we outlined above.

Learn more about security in the IoT, and see how some companies are already addressing these concerns from the manufacturing level on our Internet of Everything page.

IOT

Share this Post

Subscribe to our Blog