Addressing the Security Risks of the Mobile Internet of Things

By Special Guest
Cara Sloman, Executive Vice President, Nadel Phelan, Inc
September 14, 2017

The mobile Internet of Things (IoT) encompasses much more than smartphones. It includes machine-to-machine (M2M) modules—such as wearables—autonomous cars and mobile-connected tablets. This vast worldwide network is growing at an unprecedented pace. The Global Mobile Data Traffic Forecast Update, 2016–2021 reports that there will be 11.6 billion mobile-connected devices by 2021, including M2M modules, and nearly three-quarters of all devices connected to the mobile network will be “smart.”

As the number of connected things has grown, so has the determination of cybercriminals to exploit them. Businesses might not think about the cybersecurity settings of their photocopiers, for instance, yet 2016’s Mirai malware used hundreds of thousands of IoT devices to create a botnet that took down popular proxy server Dyn and, with it, nearly one third of websites globally.

And almost one in five organizations reported malware targeting mobile devices. These devices continue to present a challenge because they don’t have the level of control, visibility and protection that traditional systems receive.

These developments leave carriers wondering what it will take to keep their networks and their customers safe. However, it’s impossible to ignore the IoT and its tremendous potential to provide competitive advantage. Choosing and deploying secure IoT solutions provides valuable new business insights and efficiencies while protecting your data and infrastructure assets.

Know Before You Buy

Service providers need to understand the level of security that manufacturers have built into their products before purchasing IoT devices. While it is (relatively) easy to design and ship an IP camera, for instance, the ease at which one can be hacked from factory settings makes installing one an unacceptable risk factor to the network.

Proof that regulators are taking IoT security seriously lies in the January 2017 complaint that the FTC filed against router giant D-Link, charging that the company had deceived users on the security of its products and failed to take steps to secure those products appropriately. This case has become a bellwether because the complaint was brought in response to the vulnerabilities themselves, not because of a breach exploiting those vulnerabilities. This is a sign that regulators are taking a more aggressive stance in demanding that connected device manufacturers take clear and sufficient steps in securing their products.

Best IoT Purchasing Practices

Here are three steps to take immediately to help build greater IoT security into your business:

  • Demand unique credentials: Plugging in connected devices with factory settings is a security disaster waiting to happen. Require that each device have a unique password from the manufacturer, printed on a sticker that’s included on the device itself. This significantly reduces the chances of compromise.
  • Weigh the risks of open source: IT teams should be aware of the risks in using technologies that are based on open source code. Open source IoT software is an easy, cheap and flexible option. Yet security flaws can be exploited rapidly, and patches are often slow in coming.
  • Build a strong mobile IoT team: When seeking fresh talent, be sure to clarify your terms. A job ad asking for an IoT professional may attract 10 people with 10 different backgrounds. Think instead about what your company does with connected devices and the specific skills it needs to manage and deploy those applications, systems and devices securely. Looking for and training people with IoT certifications is a way to ensure a strong bench of those skills.

Due Diligence

Almost half a billion (429 million) mobile devices and connections were added in 2016. Smartphones accounted for most of that growth, followed by M2M modules. The mobile IoT offers unprecedented opportunities to both carriers and the cybercriminals who target them. To comply with regulations and maintain customer trust, a comprehensive cybersecurity strategy is a must. The best practices above might not be the first things a company thinks of when it comes to security, but they will help protect your network and the devices that are and will be connected to it.   

About the author:

Ms. Sloman has helped shape Nadel Phelan's brand, services and reputation for quality and results. With a charter for growth and operational excellence, Ms. Sloman is responsible for client strategy, while building and managing solid account teams that deliver results. Ms. Sloman is an accomplished media relations expert with story placements in The Wall Street Journal, Business Week, The New York Times and many others. Ms. Sloman has worked with market leaders such as Microsoft and Cisco to set industry agenda, establish thought leadership, build new categories, launch companies and navigate PR obstacles.




Edited by Mandi Nowitz


SHARE THIS ARTICLE
Related Articles

Top 3 Takeaways from Microsoft Ignite

By: Special Guest    10/2/2017

Microsoft Ignite wrapped up last week in Orlando. At the company's big conference dedicated to IT professionals and developers, 25,000 business custom…

Read More

Millennials Want Smart Home Tech More Than Anyone

By: Larry Alton    10/2/2017

Millennials are known for having very specific interests. They also hold a significant level of buying power in certain markets, particularly technolo…

Read More

SpaceX Names Satellite Broadband Service, Works FCC Connect America

By: Doug Mohney    9/29/2017

"Starlink" is the potential title for SpaceX's massive satellite network to deliver high-speed Internet access, reports Florida Today. The company has…

Read More

New Apple iPhone X as Much Hype as Innovation

By: Doug Mohney    9/28/2017

Apple is counting on it with the iPhone X -- the "X" symbolizing the 10th anniversary of the iPhone. Fans of the company are falling all over themselv…

Read More

Alexa and the PBX, Coming Soon

By: Doug Mohney    9/28/2017

This week, Amazon unloaded a ton of Alexa-enabled Echo gizmos, including the Echo Connect. Shipping on December 13, 2017 (just before the holiday seas…

Read More