Real, potential or undiscovered, security threats posed by rapidly growing machine-to-machine (M2M) connections and the emerging Internet of Things are troubling IT administrators, according to a research report from GFI Software. Threats to the rapidly increasing number of Internet-enabled addressable mobile devices on their networks in particular are weighing on their minds.
Commissioning Opinion Matters to survey over 200 U.S. IT decision makers working for organizations with as many as 250 people, GFI Software found that besides opportunities, IoT “means growing security threats, greater device management challenges and increased costs for IT management” for small- and medium-sized U.S. businesses (SMBs).
Gartner Research forecasts that the number of “things,” i.e. devices connected to the Internet will surge rapidly higher, with 26 billion addressable devices connected to corporate networks by 2020. That, GFI says, “will create billions of new unsecured endpoints that will in turn produce new vectors of attack designed to either compromise the device or gain access to the infrastructure.”
According to its research survey, 96.5 percent of IT decision makers said IoT would have at least some negative impact on their organizations. More than half (55 percent) believe it will result in new security threats and extend existing threats to a greater number of devices.
Furthermore, 30 percent expect IoT to increase IT spending. Over one-quarter (26.7 percent) said device management “will spiral out of control” due to the rise of IoT. Fourteen percent said that deploying patches across multiple platforms will pose a particular challenge.
Internet of Things Security Threats
Commenting on the research results, Sergio Galindo, general manager of GFI Software’s infrastructure business unit, said, “The research findings reveal that the Internet of Things will transform business security, as even standard employee devices could present an opportunity for exploitation and pose a real danger to organizations if they are connected to the Internet without proper security protections.”
“With billions of devices poised to connect to the Internet, organizations are exposed to billions of insecure new endpoints that can compromise the network. The key takeaway is clear: IT organizations must plan effectively to ensure adequate operating system, firmware and patch support within the new IoT age.”
GFI offers a summary of steps SMBs can take to address the challenges posed by IoT:
- A Sea-Change for IT Administration: Each new modern innovation requires adaption to new technologies – not only to take advantage of the new opportunities, but also to adjust to the new problems that inevitably arise from it. So it goes with the Internet of Things, as more than three-quarters (78.6 percent) of IT administrators expect their security practices to change as a result of IoT. Among these changes, nearly one-third (30 percent) expect to have to revise policies about connectivity in the workplace to manage this adaption.
- Going Mobile: Danger Ahead: The increasingly prominent role wireless devices play in the daily lives of employees results in greater security risks in general for an organization. When it comes to IoT, the risks from mobile devices become particularly acute, according to survey respondents, 81.7 percent of whom indicated that mobile devices create the most potential as a point of exploitation in the IoT age.
- Build That Wall: Existing anti-spam, anti-virus and anti-malware infrastructure may not do the job of protecting against the multitude of risks posed by the billions of insecure new endpoints. When asked to rank priority areas of security focus, 45 percent of IT decision makers surveyed pointed to firewalls as their very top priority, while 35.7 percent cited mobile device management. Anti-virus was cited as a top priority by less than a fifth (18.7 percent) of respondents.