The Internet of Things is Missing Something: Security

  • Learn How Las Vegas is Stimulating Startups

    by Lester Keizer  | May 12, 2014
    This guest blog entry was written by Lester Keizer, CEO of Business Continuity Technologies. Business Continuity Solutions has been in business for over 30 years. We’re one of the oldest technology companies in the Las Vegas area. Over the decades we’ve morphed from a regular technology product sales company to a company selling enterprise-level products to a firm that does strictly managed services in its purest form. The last six months has really been great for our company. We see ...
    Full Story
  • ChannelTrends: Tackling the Challenges and Opportunities of Managed Services

    by Brian Sherman  | May 07, 2014
    Remote monitoring and management tools have been available to channel companies for quite some time. Just last week, a friend of mine sent me a link to the first article I ever wrote on managed services — from almost a decade ago — to congratulate me on 10 years of covering this industry-changing topic. Though it was just a brief mention from the former Gartner System Builders’ Summit and VARVision show, the Business Solutions magazine piece reminded me just how much the channe ...
    Full Story
  • Increased Demand for Skilled IT Help Requires New Recruitment and Training Strategies

    by Paul Cronin  | May 07, 2014
    This addition to the CompTIA blog is part of a guest series celebrating Small Business Week. IT companies today operate in an environment that’s both exciting and challenging. The persistent evolution of technology — cloud computing, mobility, unified communications, cybersecurity and virtualization, for example — make technology solutions more accessible and affordable than ever before.  The willingness of businesses and consumers to embrace these innovations has created ...
    Full Story
  • IT Hiring Contingent on Sustained Business Confidence

    by Tim Herbert  | May 06, 2014
    The dilemma: Companies have job openings or want to hire in order to expand, but are fearful of a slowdown in new business orders. This scenario has been the default for companies across the IT channel during the past few years of economic uncertainty. New research from CompTIA suggests we may have finally reached a point of sustained stability. According to CompTIA’s recent Q2 IT Industry Business Confidence Index, executives feel more positive about the overall economy and growth prosp ...
    Full Story
  • CertMaster Represents the Next Wave of Scientifically Grounded Adaptive Learning

    by Terry Erdle  | May 05, 2014
    As the world’s foremost vendor-neutral IT certification body, CompTIA is leading the new wave of neuroscience-based, adaptive learning with a comprehensive new training program: CompTIA CertMaster. This new learning tool, designed to help students and professionals better prepare for IT certification exams and future IT careers, goes beyond the typical race to the finish model and features a variety of techniques to help you learn, including adaptive learning, spacing and motivation trigge ...
    Full Story
  • Ways and Means Clears Limited Tax Extenders

    by Lamar Whitman  | May 02, 2014
    On Tuesday, the House Ways and Means Committee approved six tax extender provisions and left 50 more on the chopping block. It’s unclear if the committee will reconvene to review the other 50, but in keeping with the desire of Rep. Dave Camp (R-Mich.) to bring certainty to the tax code, yesterday’s action would make the six extenders that did pass permanent. The extenders currently have expiration dates, which most agree hamper their effectiveness, so those supporting the six provisi ...
    Full Story
  • Patent Challenges Threaten Innovation, Business Growth

    by Greg Plum  | April 29, 2014
    Laser-like focus is critical to the success of any business, but perhaps even more so for small- to medium-sized businesses (SMBs). With less of a margin for error than their larger counterparts, anything that causes a small business to take its eye off the ball is a threat to that company’s livelihood. My industry — the conferencing and collaboration space — has been blanketed in recent years by a demand letter from a so-called patent troll, demanding payment for a mute featur ...
    Full Story
  • Idaho Technology Council Fights Public Advocacy Battles to Help Gem State Companies Thrive

    by Bob Moore  | April 29, 2014
    This month, Jay Larsen, president and founder of the Idaho Technology Council, discussed with TechVoice legislation he and his organization have championed to grow Idaho’s technology ecosystem. Read how the council’s advocacy efforts influenced those bills, the lessons Larsen learned along the way and how the Idaho Technology Council’s partnership with TechVoice has helped in these efforts. I understand you’ve been very active at the state level with several bills around ...
    Full Story
  • The Internet of Things is Missing Something: Security

    by Chris Gonsalves  | April 23, 2014
    This sponsored blog entry was submitted by Chris Gonsalves of ChannelNomics. There’s a dirty little secret in the grand promise of the Internet of Things. Within the rapidly proliferating realm of talking machines that enables this hyperconnected ecosystem, there is a woeful lack of security. That shortcoming could leave important systems vulnerable to compromise and ultimately threaten the viability of an emerging technology space on which many have pinned high hopes. Understanding t ...
    Full Story
  • My Six Pivotal Moments as a Woman in IT

    by Samantha Ciaccia  | April 23, 2014
    “What do you want to be when you grow up?” This was never a hard question for me. I wanted to be a veterinarian, then a doctor. However, when it came time to decide on a college major, I chose marketing to pursue a creative career in advertising — or so I thought. What you think you want and where life actually leads you can sometimes be very different. My 18-year-old self would not recognize me today: I’m channel engagement manager for Datto and have been working in the ...
    Full Story
First PagePrevious Page
Next PageLast Page
Page: of 123

This sponsored blog entry was submitted by Chris Gonsalves of ChannelNomics.

There’s a dirty little secret in the grand promise of the Internet of Things. Within the rapidly proliferating realm of talking machines that enables this hyperconnected ecosystem, there is a woeful lack of security. That shortcoming could leave important systems vulnerable to compromise and ultimately threaten the viability of an emerging technology space on which many have pinned high hopes.

Understanding the scope of the problem requires imagining just how big this Internet of everything could be. By some accounts, we’re on our way toward 200 billion Internet-connected machines by 2020, according to IDC Corp. Let that sink in. We’re moving into a world where automated machine-to-machine (M2M) transactions will outnumber traditional human-to-computer transactions by an order of magnitude.

Cisco Systems Inc. claims the market for these hyper-connected devices will top $19 trillion in the next eight years. Those heady figures could be at risk, however, if security gets short shrift and the devices become unpatched, unmonitored badlands for hackers and cybercriminals.

SSH Communications Security, attempting to get a handle on the scope of the problem, teamed up with Forrester Consulting for a survey. They queried 151 U.S.-based hosting and cloud services providers plus IT security decision-makers in financial services, government, retail, manufacturing and utilities. The goal was to see how well respondents understood M2M security issues — and how well they were safeguarding their assets in automated computing environments.

If you’ve read this far, you’ve probably already guessed: not very well.


Pace Outstrips Security

It turns out the rise of M2M connections in data centers across most industries has far outstripped the ability of organizations to secure them. The resulting misalignment of security and compliance priorities is placing these organizations at risk, the survey found. It’s a subject that’s close to home for Helsinki-based SSH, pioneers of the secure shell protocol that bears its name. SSH is the de facto standard for data-in-transit security, at least where security has been given adequate consideration.

“Misunderstanding how best to secure M2M transactions — and whose responsibility it is to do so — has placed organizations under significant risk of data breach,” said Tatu Ylonen, chief executive officer of SSH Communications Security and the inventor of the eponymous protocol. “As organizations across all sectors embrace the concept of the Internet of Things, enabling more objects and sensors to communicate to support new business models the need to automate M2M connections is increasingly critical.

“We commissioned this study to discover how financial institutions, enterprises and government agencies perceive their M2M security needs,” said Ylonen. “We discovered that they must take bold steps to evaluate the scope and strength of their M2M security strategies if they are to prevent data theft and comply with industry standards.”

According to the SSH and Forrester findings, M2M processes are now in use to some degree in just about every business organization and 62 percent of those polled say they plan to increase M2M use over the next year. Half are using M2M for logistics management and customer service and fully half of the financial institutions polled say they use M2M connections for billing.

That pervasive use and anticipated growth of M2M tends to support IoT’s champions at Cisco and elsewhere who see the automated, machine-connected world as the next step in business technology’s evolution. But despite the real traction M2M seems to be enjoying, its early adopters are giving security short shrift. While 68 percent say IT data security is a critical priority, only 25 percent feel the same way about M2M systems — even those tasked with carrying high-value payloads.

The problem, according to SSH officials, is often less about basic security protocols and more about the management of security elements on M2M networks. That’s borne out in the overwhelming number of survey respondents who felt their SSH implementations were adequate even though most knew little about critical aspects like Secure Shell access controls and centralized key management.

These are issues that will need to be sorted out soon if IoT is ever to realize its potential. They are also issue where the channel might gain a foothold in this emerging space and take advantage of the opportunities within.

As Michael Osterman at Osterman Research put it, “The Internet of Things holds great promise for enabling control of all of the gadgets that we use on a daily basis. It also holds great promise for cybercriminals who can use our homes’ routers, televisions, refrigerators and other Internet-connected devices to launch large and distributed attacks.

“Internet-enabled devices represent an enormous threat because they are easy to penetrate, consumers have little incentive to make them more secure, the rapidly growing number of devices can send malicious content almost undetected, few vendors are taking steps to protect against this threat, and the existing security model simply won’t work to solve the problem.”

For solution providers struggling to get a handle on a business model that makes the IoT profitable, security is a key value-added service. Partners should be pushing their clients, particularly in key verticals, to take a hard look at their security strategies and posture whenever they deploy new network devices.

As the Forrester study succinctly points out, every M2M transaction “starts with one machine logging into another using an authorized identity. These identities are powerful — they provide access to critical systems and high-value data. Make sure your compliance and security initiatives fully account for onboarding, offboarding and monitoring of machine-based identities and credentials.” 

Leave a Comment