The Internet of Things (IoT) is here, and it’s not going away.
Just ask Eric Murphy, vice president of security at Workrise, who estimates that there are as many as 46 billion IoT devices in the world. As the security head of a company connected to a wide variety of industries, he has to keep an eye on emerging trends — and emerging security threats.
“There are more IoT devices than human beings on the planet,” said Murphy. “They power consumer products, industrial machinery, fleet and logistics, and infrastructure.” With such ubiquity, though, comes a surge of security risks.
Since IoT devices have such low-power, low-complexity computers, they cannot have built-in security measures — leaving them highly susceptible to hacking. This is the basis of botnets, which are huge networks of IoT devices that can be coordinated into powerful DDoS attacks. Without proper security measures, an IoT network is a data breach time bomb. Thankfully, there are steps people can take to prevent this.
The best way to keep IoT devices safe is to use what Murphy calls “zero-trust principles.” Networks need to treat each device attempting to connect with suspicion and require authentication each time any device connects. This can be done with two-factor authentication or an IoT gateway — a physical or digital platform that IoT devices have to pass through — among other security measures. This is, of course, on top of basic internet safety, such as changing default passwords and only connecting trusted devices to a network.
The Internet of Things is an incredibly promising phenomenon. With it, our lives can become more efficient, convenient and even safe — especially when used in fields like manufacturing and healthcare. As such, it’s important to know and utilize reliable security measures to help the Internet of Things live up to its full potential. Workrise Vice President of Security Eric Murphy talked to Built In Austin about how to realize that potential by protecting IoT networks from security threats.
Some examples of IoT devices:
- Smart watches that monitor physical activity.
- Smart homes that use an app to control lights and appliances.
- Agricultural equipment that monitors soil temperature, moisture and wind speed.
On Security: There are more IoT devices in 2021 — 46 billion — than there are humans on the planet! They power consumer products, industrial machinery, fleet and logistics, and infrastructure.
IoT devices are inherently insecure as they are built with low-cost components, baked-on firmware and unmonitored supply chains. IoT botnets — such as Mozi, HeH and Hide’n’seek — are on the rise, with no signs of slowing down. Future forecasts indicate that IoT devices will reach 125B devices by the end of 2030. This represents a significant risk to any business as threat actors continue to target IoT devices with evolving capabilities.
A good first step in reigning in devices is to follow zero-trust principles: leveraging segmentation, establishing IoT gateways and including IoT in the patch management processes. This enables businesses to obtain the right kind of visibility, which empowers them to make the best security-centric choices for their business.
Eric Murphy is the vice president of security at Workrise, a workforce management company.