Avengers: Age of Ultron has been called the “epic follow-up to the biggest Superhero movie of all time,” and it lives up to all the hype and expectation put forward by movie and comic fans alike. Amidst the eye-popping action shots and comical quips between characters, an underlying theme of fear and cybersecurity poses as a subtle warning to all movie-goers.
It is no surprise that Marvel so brilliantly injected fear into the equation. As the “Internet of Things” or IoT is becoming a household buzzword, more and more people are raising questions of personal security. From fitness bands and baby monitors, to vehicles and pacemakers, the IoT which was at one time only a concept in the minds of sci-fi fans is now part of millions of people’s daily lives.
Businesses, too, are benefiting from IoT. This technology is allowing companies to access an almost infinite amount of data, enhance data management to cut out wasted time and energy, and invest resources in getting to clean, manageable data. In the scope of all the benefits of IoT, the question everyone, including Superheroes, is asking is how to keep this information secure.
1. Create a System
The first way for companies to remain secure while utilizing IoT is to create a system that clearly lays out expectations for employees and monitors their activity. As the Bring-Your-Own-Device movement, or BYOD, grows, it is becoming increasingly important to understand and monitor how devices are working together. Vann Abernethy, senior product manager at NSFOCUS, a web security firm, advises companies to “build zones and track their interactions. Understand how each system works, how they interrelate…” This is good advice and is reflective of how we currently manage individual cloud-based systems like Salesforce’s Profiles, Roles, and Permissions functionality. Of course the challenge that Abernethy is addressing, is that we have to have a systems mindset in this new world.
2. Ask the “What if…” Questions
Most security breaches occur when systems don’t have a back-up plan in place for when something goes wrong. Hackers are able to infiltrate one line of defense, and then gain quick and easy access to nearly all information. As businesses utilize IoT, it is important to ask the difficult “what if…” questions and plan out a course of action to take in case those dangerous mishaps occur.
3. Expect Imperfect Users
Sometimes the biggest threats to security are not hackers, but imperfect users. Employees in a company who use weak passwords or do not change the default password on an IoT device put employees and consumers both at risk. Companies who utilize IoT must focus on increasing awareness among employees and put security at the forefront of everyone’s minds.
Dave Lewis, Global Security Advocate for Akamai Technologies, said it best: “We should not sacrifice security and privacy on the altar of convenience.”