While the event didn’t make headlines at the time, in the second half of 2008 the number of devices connected to the internet exceeded the number of connected people for the first time. With that watershed moment, the Internet of Things (IoT) was born. Described by Gartner as a “…network of physical objects that contain embedded technology to communicate and sense or interact with their internal states or the external environment”, this evolutionary phase of the web will deliver both wide-ranging benefits as well as a growing number of security challenges for businesses.
There are several reasons for the escalating growth of the IoT, many of which are directly related to the explosion of smartphones and tablets, the lower cost and increasing utility of sensors, and advancements in RFID technology, which has lead to a growing number of companies trying to grab a piece of the IoT game. Evidence of the IoT as a serious growth industry was recently presented by IDC Research, which estimated that 20 billion “things” will be connected to the web by 2015 and that by 2020 that number will double.
One of the biggest concerns for businesses in this changing landscape is that in the process of rolling out newer and better products designed to deliver real time data, improved efficiency, increased competitiveness, etc., network security issues are being subjugated while getting new devices to market is being prioritized. The implementation of RFID technology in U.S. passports serves as a prime example of rushing a technology out without adding the necessary security protections. Despite an avalanche of sentiment against the initiative at the time, in 2006, RFID tags were added to U.S. passports which continually broadcasted the holder’s name, country of citizenship, date/place of birth, address, and a digitized photograph. After the implementation, gleeful demonstrations showed how all of the information being broadcasted by the RFID chip could be stolen by identity thieves from over 200 feet away with a high-powered antenna.
In an environment where an increasing number of non-secure devices are being connected to businesses’ networks, the number of potential entry points to those networks is presenting an unprecedented and growing security challenge. For small business owners, the current recommendation is to take a deliberate pace when treading into this new phase of connectivity. With performance being emphasized over security, all the benefits delivered by new sensor technologies may be diminished completely by non-secure devices that serve as open doors to circumvent the existing network security measures.