Security and the Internet of Things

Dateline: October 31, 2014

Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend.

Tonight is Halloween, our ‘holiday’ to explore the scary and creepy.  In keeping with this theme, this week’s idea combines two very ‘scary’ topics for many IT leaders: security and the Internet of Things.  Recently, Kevin Beaver, an information security consultant and founder of Principle Logic., published a blog titled Securing The Internet of Things.   He begins with hypothesis that anything on the web is a security risk,

Since the beginning of my career in information security, I’ve worked by the mantra that if a system has an IP address or a URL and it touches the business network or processes sensitive information in any way, then it’s fair game for attack. It should also be fair game that it fall within the scope of existing security management programs. Similar to mobile devices, instant messaging, social media usage and the like, we’re not going to stop the Internet of Things from growing. It has to be front and center in your security discussions.

Kevin suggests starting now to plan your enterprise’s security for the Internet of Things.  He lists 4 questions to get the planning going,

  • What role will your existing security policies play?
  • Will new security policies be required?
  • Who’s going to ensure that your policies are both enforceable and actually enforced to minimize your Internet-of-Things risks?
  • Who’s going to be monitoring the Internet of Things?  

What is the state of security for the ‘Internet of Things’ in your organization?

That’s a WRAP!  Have a wonderful weekend (and Happy Halloween!).

Speak Your Mind