Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 1 April, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Protecting Data in the Era of IoT

by The Gurus
July 26, 2018
in This Week's Gurus
IoT map
Share on FacebookShare on Twitter

The use and adoption of IoT devices is continuing to grow at break-neck speed. In fact, IHS Markit recently predicted that the number of IoT devices will balloon to 125 billion by 2030. Clearly, the advantages of IoT devices are well-understood: they are more capable, more efficient, and more reliable than their predecessors. But as IoT devices flood the office environment, businesses are failing to understand the dangers they pose.

 

Connected devices can be a threat to a company’s cybersecurity. While some are equipped with endpoint security – which protects them against cyber threats – many lack built-in protection. Unsecured devices create a conduit to the outside world, which malicious hackers are hungry to exploit to access private data. As the number of unsecured devices connected to the office network continues to soar, so will the risk of a major attack.

 

Businesses of all sizes must implement company-wide changes to protect their data and reputation in the IoT era. Here are four changes they must make:

 

  1. Protect Before Connecting

 

A device should never be connected to the corporate network before it has been properly secured and configured. Understandably, there’s huge temptation and pressure to get devices online as quickly as possible. But putting the cart before the horse has serious security implications.

 

An unconfigured device is vulnerable to a range of exploitations. For example, it may be pre-programmed with a generic default password, which can be found online. To ensure all devices are correctly configured, companies should centralize device management. This means tasking a single team of internal or external IT experts with updating, configuring, monitoring and maintaining all company devices.

 

This coordinated approach ensures all devices are properly configured and operating correctly. It also allows for more sensitive detection of dangerous or malicious activity within the device fleet.

 

  1. Use Device-as-a-Service Arrangements

 

It’s difficult to build an IT department with expertise in every connected device. When the IoT era brings wireless connectivity to light bulbs and coffee machines, building this level of expertise in-house will be next to impossible. Device-as-a-Service (DaaS) arrangements offer a solution.

 

In the DaaS model, device deployment, management and maintenance are outsourced to an external provider, staffed by product-specific experts. Knowing devices inside and out, DaaS specialists are well equipped to spot and solve vulnerabilities.

 

DaaS arrangements offer several other benefits. Devices are leased instead of owned, meaning more frequent hardware upgrades and the flexibility to quickly alter device inventory based on workload. DaaS also reduces the burden on the inhouse IT department and converts device investment from CAPEX to OPEX, creating cost stability. The DaaS contractor is also charged with end-of-life recycling, making the product lifecycle more environmentally friendly.

 

  1. Prioritize Cybersecurity in Procurement Decisions

 

In working to fulfill customer needs, it has become clear how rarely IT departments are involved in the device procurement process. This lack of connected thinking means cost-effectiveness becomes the priority, and cybersecurity becomes an afterthought.

 

Companies should restructure their procurement processes to involve IT professionals, who will make cybersecurity a key consideration. This involves asking CIOs and inhouse IT experts to help set the parameters for procurement and allowing them to have a say in the final purchase decision. The new parameters should mandate that if a device touches the corporate network, it must be equipped with state-of-the-art endpoint cybersecurity.

 

  1. Open the Lines of Communication

 

A recent report from CA Veracode revealed many business leaders fall alarmingly short when it comes to cybersecurity awareness. The report found, for instance, only one-third of the 1,000 business leaders surveyed “had heard of the global WannaCry ransomware attack.” More shockingly, just under half admitted major attacks had not led them to change their cybersecurity approach. If business leaders don’t appreciate or aren’t even aware of the state and scale of cyber threats, they won’t make the wholesale changes required for the IoT era.

 

To resolve this troubling lack of awareness, new lines of communication must be opened between IT experts and senior company leadership. Regular, in-person meetings should be scheduled, new reporting frameworks should be established, and decision-making structures must be changed to include IT.

 

IT teams must then maximize these opportunities by communicating cybersecurity issues in an effective manner, translating technical issues into C-suite speak and explaining their consequences in terms of financial loss and reputational damage. IT must also strive to make the issue real; demonstrating how a technical concept applies to the everyday office environment.

 

A cybersecurity defense is only as strong as its weakest point. If a single IoT device creates a vulnerability in the corporate network, a company’s private data could be compromised. Businesses must act to protect themselves, and their customers, before it’s too late.

Christoph Ruef

Christoph Ruef is Vice President and General Manager of HP’s multi-billion dollar Americas printing business. He has spent nearly 30 years working on HP’s print operations, managing global product strategy, marketing, go-to-market strategy and sales. He has worked for HP in Europe, Asia and the United States. In these markets, he has overseen tectonic changes to the printing market, navigating the transition from black and white to color printers and from single function to All-in-One products. Christoph speaks English and German and resides in San Diego.

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweetShare
Previous Post

Five common myths of SMBs when it comes to cyber security and online encryption

Next Post

WatchGuard Launches AuthPoint Multi-Factor Authentication for SMBs

Recent News

Data Privacy Day: Securing your data with a password manager

For Cybersecurity, the Tricks Come More Than Once a Year

March 31, 2023
cybersecurity training

Only 10% of workers remember all their cyber security training

March 30, 2023
Pie Chart, Purple

New API Report Shows 400% Increase in Attackers

March 29, 2023
Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato Networks Recognised as Leader in Single-Vendor SASE Quadrant Analysis

March 29, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information