Despite being the subject of many think pieces and articles over the years, the internet of things (IoT) has slowly rolled out into many areas of people’s lives almost without notice. From minor conveniences like personal assistants that queue up a streaming music playlist with a single command to critical applications like industrial sensors that enhance productivity with predictive maintenance, internet of things devices are already reshaping the ways companies manage their networks and interact with consumers.
Over the next seven years, the global internet of things market is expected to grow by $3 trillion annually. A recent Business Insider report even estimates that there will be more than 64 billion IoT edge devices active by 2025, up from “just” 10 billion in 2018. With 5G networks expanding their reach in the coming years and more companies embracing edge computing architecture, it’s no wonder that the future for IoT edge devices is so bright.
Former Cisco futurist Dave Evans once calculated in 2015 that an average of 127 devices were being connected to the internet every second. While there are obvious benefits to be gained from this unprecedented degree of connectivity, it also raises quite a few security concerns regarding IoT vulnerabilities. Every additional device in a network creates a new potential point of attack for hackers, viruses, and other forms of malignant programs.
Many organizations don’t even have a way of tracking devices their employees bring into the workplace, leaving them open to potential security breaches. In one notable IoT vulnerabilities case, a company discovered that an employee’s e-cigarette was transferring confidential data to a foreign country after it was merely plugged into a workstation USB port.
Since IoT edge devices operate primarily on the outer edges of a network and have the ability to communicate with any other connected device or system, it can be very difficult to protect them from being compromised. Further complicating matters is the fact that many IoT edge devices are autonomous, accessing networks and interacting with other devices according to their pre-established protocols or insights from analytics and machine learning. This has profound implications for security and IoT vulnerabilities. “Equipment or software can be designed to speak with each other,” Jared Hoven, a Project Manager at Trackimo, observes, “and find gaps where sensitive information can be exploited or leaked without noticing.”
One solution is for organizations to simply treat every IoT edge device as if it’s already compromised. Instead of automatically trusting information sent by these devices, centralized network architecture can be put in place to carefully screen and verify incoming data and access requests. “This is why major companies require people to go through multiple layers of security for doing something as simple as logging into an account,” Hoven points out. While this could compromise performance in some cases and cause some inconvenience, it’s certainly preferable to an IoT-related data breach.
As internet of things technology becomes even more common, companies will need to take a more proactive approach to securing customer data and ensuring that malicious actors don’t exploit IoT vulnerabilities to carry out data breaches. Steve Latham, founder and CEO of Banyan Hills Technologies, sees these concerns as something IoT companies won’t be able to avoid forever:
People assume it’s being taken care of and that’s because the technology’s maturing, but I don’t know that we should always assume that to be true. We’ve seen some crazy headlines in recent years with regards to security and IoT. We saw someone hack into a casino through a smart thermostat inside a fish tank, for instance. Security in the IoT world is not an afterthought; it is becoming table stakes. It’s essential to protect your customers, your enterprise, and your reputation.
One thing is clear: older security protocols designed for networks without IoT edge devices will not be up to the challenge of providing security for the smart networks of tomorrow. It will be incumbent upon every organization to implement new security measures to protect their customers and mitigate the potential risks posed by an ever-growing universe of IoT edge devices.