The introduction of Internet of Things (IoT) devices may herald deeper insight into operations or customer behaviour, but most certainly it will introduce even greater risks to organizations and operations. In part it is because security was never an integral part of the design at the beginning.
Things get complicated quickly as the number of connected IoT devices balloon becoming difficult to monitor and manage.
According to Simon Piff, Vice President of IT Security Practice at IDC Asia-Pacific, any discussion on IoT and security will naturally lead to questions of where the devices [or sensors] are and what kind of trusted security controls around the device exists, and who should have access to these.
Raising the concept of distributed integrity, he opines that if we want to access data coming from IoT devices, how do we validate the data? For sure the data is collected at the edge and only brought to the core system after being vetted.
“That data layer, what it is, becomes important,” he remarked.
He agrees that the arrival of 5G is only going to increase the amount and speed by which data is acquired.
“We need to start thinking more in terms of how we can manage and manipulate that information in a secure environment at the edge before we bring it in, and process it in our core data centres. So it's putting layers of security in place and understanding the risk for those discrete components and applying security accordingly,” he concluded.