Internet of things products are small, networked and unfortunately have almost always little or no security. Sometimes this is down to a lack of willingness by the manufacturer but it is also partly due to the nature of the product – small and light also means that these devices have few resources for complex security features such as encryption and packet inspection. This leads to vulnerabilities, numerous attack vectors and ultimately to a bot device which can be abused by almost anyone. Following the latest large-scale attacks that primarily use IoT devices as a digital army there is a loud demand from those who want more legislation and governments to get involved. In a hearing before the Committee on Energy and Commerce of the US House of Representatives, the security guru Bruce Schneier stated that “catastrophic risks” would arise through the proliferation of insecure technology on the Internet.
In 2017, 69% of all applications will reside in the cloud according to Cisco. As we rely increasingly on benefits made possible by further advances in Industrial Internet of Things (IIoT) and mobile devices, it’s a statistic that will continue to rise. The challenge for enterprises today is how to protect data as it streams constantly between physical mobile/IIoT devices to virtual repositories in the cloud and back again. Until corporate IT departments fully manage and stay on top of security, large breaches will continue to make the headlines. Statistics revealed in the Ponemon Institute 2016 Global Cloud Data Security Study show there is still much to do. The study found that nearly half (49%) of cloud services in the enterprise are outside corporate IT’s domain, while around 47% of corporate data stored in cloud environments are not managed by the IT department.
At last, influential policymakers are slowly becoming aware of the damages unsecured IoT devices can cause. Recent attacks on high profile targets, exploiting cameras and routers, have attracted a lot of attention. Some of the issues will not likely be solved until manufacturers improve the security of their systems. However, many attack vectors could be eliminated easily with appropriate precautionary measures. Currently, the Federal Office for Information Security (BSI) is drafting a new module to address IoT device security. Although it does not refer to specific manufacturers or technologies, the proposal includes concepts for securing IoT devices so that they cannot be manipulated or accessed without authorization to compromise data and IT security within an organization or to target other organizations.
Once again Internet-connected gadgets, also known as the Internet of Things (IoT), are expected to be a gift for retailers this Christmas in helping them towards bumper sales. However, in many ways, the hyperbole surrounding consumer IoT is a mere side-show. According to McKinsey Global Institute, the real value of IoT lies with industry. McKinsey expects factories to be the top market for Industrial Internet of Things (IIoT), accounting for $3.7 trillion per year by 2025. Presently, IoT technology in general is relatively immature. Issues such as security and manufacturing standards are still the subject of much debate. However, the primary focus of the world’s professional engineering bodies is how to make IIoT more robust. In this respect, Virtual Private Network (VPN) technology has an important part to play by ensuring data traffic is secured at device-level and encrypted at all times.
Vulnerabilities in the vision of industrial digitalization and networking
In the future, more and more devices, systems and equipment will be networked under the vision of Industrial Internet of Things (IIoT). The main thrust of digitalization and networking is increasing efficiency and flexibility in industrial processes. Almost the entire industrial value chain is saturated with complex IT infrastructures with mobile and stationary components.
IT security is one of the most critical factors in this area as damage caused by manipulation and illegal data access can quickly reach catastrophic proportions. Many manufacturers are choosing IT security made in Germany as an important quality factor.
“Between the mind that plans and the hands that build there must be a Mediator, and this must be the heart.” This famous line from Germany’s 1927 masterpiece, Metropolis, continues to resonate today.