Today, 9th April 2015, marks the fifth annual global Internet of Things (IoT) Day, a day where the IoT Community is invited to host events focused on the IoT and its implications.
The IoT is a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data.
For example, a fridge which is programmed to recognise when you are running low on milk and has the ability to reorder more in this situation.
In last month’s Budget, Chancellor George Osborne revealed that the government would be investing £40m in the IoT and £140m the infrastructure and cities of the “future.”
“This is the next stage of the information revolution, connecting up everything from urban transport to medical devices to household appliances,” Osborne claimed.
“So should – to use a ridiculous example – someone have two kitchens, they will be able to control both fridges from the same mobile phone,” he added.
The IoT is a development welcomed by many as a futuristic sci-fi movie come true – however, there are those who are concerned about the security and data protection issues behind the network.
“Today marks the fifth Global IoT day – arguable, the reason the IoT is called that is because no one can quite get their heads round everything it might encompass, so ‘things’ was the best anyone could do,” claimed Martin Sugden, MD of data classifications and secure messaging solutions provider Boldon James.
“Given this level of complexity, organisations must find a way to identify and protect key data in the tide of information that IoT generates.
“A data-centric security policy that requires staff to assign a value to data ensures that organisation can identify and control sensitive data no matter where it is and how much data they have,” Sugden added.
Sugden’s thoughts were echoed by security and communications products provider ViaSat and its CEO Chris McIntosh.
“Organisations need to limit the scope of access from unauthorised parties as much as possible and assume that their networks have already been infected, this includes ensuring that, even if, or rather when, an attacker makes it into the system, the opportunity to do damage or steal data is limited,” claimed McIntosh.
“Next organisations will need to take steps to cleanse the network from threats and ensure each node can be trusted to convey the right information.
“Organisations need to wake up to the Internet of Threats and realise that a major cyberattack on a nationwide scale is not just a possibility, but an inevitability,” he added.
Meanwhile, Piers Wilson, head of product management at intelligent IT security solutions company Tier-3 has developed a three step plan for approaching the IoT in a secure and safe manner.
According to Wilson, the first step is to plan an IoT-aware enterprise network that gives thought to how a network is structured, how users and end-point devices connect and how servers, applications and critical platforms are protected.
The second step is to get the business engaged, just as one might with BYOD (Bring Your Own Device), and ensure the IT department is involved during the early stages of adoption.
Finally, organisations must strive for “IoT visibility” with a network and system monitoring capability that is able to detect IoT technologies deployed on a network and identify how they are behaving.
“Far from being a dystopian security nightmare, there are a number of proactive steps that can be taken to ensure that effective security is maintained as IoT and device-based technologies spread through the enterprise,” Wilson claimed.