The Internet of Things is a relatively new frontier in computing, and the concept is starting to leave the house and enter the workplace as more users adopt the technology. Soon, more employees will come into the workplace bearing connected things that can make their work easier and more efficient.
The number of connected devices and wearables under the Internet of Things are on the rise. Gartner says that 4.9 billion connected “things” will be in use this year, a 30% increase compared to 2014.
Telecommunications experts estimate that 10% of enterprises have already adopted IoT and will likely grow through the years. This is as IoT offers disruptive means to accomplish greater heights in business. If there's anything that companies can learn anything from the mobile and BYOD era, it is that megatrends such as these are too big to be controlled.
Connected things carry various risks that companies need to mitigate, apart from the more obvious consequences such as state-sponsored attacks, high profile breaches, and the continued increase of malware numbers organizations have endured in the past years. Given the magnified losses many businesses endured in 2014, it is only logical for IT administrators to enhance their mindset about security and act accordingly.
As IT departments struggle to protect the company’s crown jewels, how do owners of connected things figure in the move to protect the enterprise? Here are three things to consider:
Personal IoT Device as Attack Vector
It's easy to imagine villains in action movies planting small cameras that stream company meetings in real time. These days, connected devices make it easier for malicious individuals to plant inconspicuous items that can record or steal company information.
What happens if the employees themselves are the ones who bring these devices and leave them lying about unsecured, unpatched, and filled with sensitive information? This is how lost, stolen or hacked devices or wearables can compromise a network. Your nifty sensors or smart cameras can be very attractive targets for attackers looking to know about an upcoming product launch or a clever marketing strategy.
Security of Personal Data
IT administrators need to gather security intelligence and track the flow of company data across all channels to effectively secure the enterprise network. This includes gathering data that passes through connected devices.
Collection, transmission, and storage of these types of data may vary across organizations. The main question for you to ask is, are you comfortable with the processes involved? Will you be fine with connecting your smart watch—a personal device that records your sleep patterns or counts your calories—to the company system? In case of a breach, know that IoT data, including both work and personal information, can be stolen or destroyed.
Added burden to company resources
Seeing as IoT adoption is far from reaching its saturation point, enterprises are still gearing up for the influx of connected devices on their networks. As such, device owners looking to use IoT devices at work first need to ensure that the IT department is up to speed with the technical requirements for each. IT staff may need to be empowered with additional resources to be able to allow the optimal performance of IoT devices. This may include developing a process for patching new devices, managing them from a centralized network, creating additional device guidelines, and other administrative tasks.