April 3, 2017 By Rick M Robinson 2 min read

The Internet of Things (IoT) is not just hype anymore. It is taking off at an enormous rate, and the predictions of 20 billion connected devices by 2020 now sound entirely likely. But as it takes off, so do IoT security challenges for both enterprises and consumers.

Obstacles range from software updating issues to employee education and user privacy. But the greatest security challenge of all may be the sheer number of connected devices in the IoT world. This influx means more potential gaps in firewalls, more software that needs to be updated and more interactions that users need to be aware of.

The more thoroughly we prepare for IoT security now, the better off we will be as the mobile ecosystem continues to grow around us.

More Devices Means More Targets

First, we had to worry about the physical security of our computers. More recently, we have learned to worry about mobile phones and tablet devices. Now, according to CIO, “we have to worry about protecting our car, our home appliances, our wearables and many other IoT devices.”

The sheer number of IoT devices poses a security challenge because every internet-connected device is another potential target for cybercriminals. Because those devices end up being effectively inside someone’s firewall, IoT security is an issue for any network that incorporates one.

Given the sharp increase in the volume and variety of IoT devices, we must now be concerned not only with risks to data, but also with risks to human lives.

Software Updates and User Awareness

Keeping IoT devices updated is emerging as yet another challenge. Proper updating of software has long been considered foundational to effective security. Many well-established portions of the internet have responded appropriately, but this security consciousness has yet to take hold with the IoT.

Device vendors typically focus on getting their products quickly out the door and onto the market. In many cases, they fail to pay sufficient attention to updating existing devices. The problem is complicated by the widespread use of firmware in IoT devices, which can limit the degree to which pure software updates can be pushed onto devices remotely, requiring direct user involvement.

User education is critical when it comes to IoT security. This is a major challenge, as evidenced by the widespread use of weak passwords and the continued success of phishing campaigns around the world. This is an even bigger problem when it comes to IoT devices that most people don’t think of as computers at all. In fact, they may not even realize these devices are connected to the internet.

Privacy and IoT Security

Moreover, the IoT creates new issues surrounding privacy protection that are independent of cybercrime. Firms in the IoT ecosystem are eagerly looking for personal user data, such as health data from wearable fitness monitors, to sell to marketers. This issue is usually posed in consumer terms, but organizations also have a stake in controlling their own information.

With the IoT growing at an exponential pace, these IoT security concerns are relevant today — not tomorrow. They deserve the attention of all individual and institutional internet users.

Listen to the podcast series: 5 Indisputable facts about IoT security

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today