We finally just got cloud security right, and now we’re screwing it up with new thermostats and copiers that make all that good security worthless
The internet of things, or IoT, is pervasive these days in your personal life. However, this technology is just getting into the Global 2000 companies. Yet most of the Global 2000 companies are unaware of the risks that they are bringing to IT and cloud security with their IoT adoption.
How did this happen? Well, for example, as thermostats and sensor fail in buildings’ HVAC systems, they are often replaced with smart devices, which can process information at the device. These new IoT sensor devices often are computers unto themselves; many have their own operating systems and maintain internal data storage. IT is largely unaware that they exist in the company, and they are often placed on the company’s networks without IT’s knowledge.
Besides the devices that IT is unaware of, there are devices that it does know about but are just as risky. Upgrades to printers, copiers, Wi-Fi hubs, factory robots, etc. all come with systems that are light-years more sophisticated in intelligence and capabilities than what came before, but they also have the potential of being turned against you—including attacking the cloud-based systems where your data now resides.
Worse, many of these IoT devices are easily hacked, and so can easily become agents for the hackers lying in wait to grab network data and passwords, andeven breach cloud-based systems that may not have security systems that take into account access from within the company firewall.
And don’t let price be a proxy for secrity level: I’m finding that the more specialized and expensive that the devices are, the more they are likely to have crappy security.
Read More: Enterprise IoT threatens to undermine cloud and IT security