Addressing the Security Risks of the Mobile Internet of Things

By Special Guest
Cara Sloman, Executive Vice President, Nadel Phelan, Inc
September 14, 2017

The mobile Internet of Things (IoT) encompasses much more than smartphones. It includes machine-to-machine (M2M) modules—such as wearables—autonomous cars and mobile-connected tablets. This vast worldwide network is growing at an unprecedented pace. The Global Mobile Data Traffic Forecast Update, 2016–2021 reports that there will be 11.6 billion mobile-connected devices by 2021, including M2M modules, and nearly three-quarters of all devices connected to the mobile network will be “smart.”

As the number of connected things has grown, so has the determination of cybercriminals to exploit them. Businesses might not think about the cybersecurity settings of their photocopiers, for instance, yet 2016’s Mirai malware used hundreds of thousands of IoT devices to create a botnet that took down popular proxy server Dyn and, with it, nearly one third of websites globally.

And almost one in five organizations reported malware targeting mobile devices. These devices continue to present a challenge because they don’t have the level of control, visibility and protection that traditional systems receive.

These developments leave carriers wondering what it will take to keep their networks and their customers safe. However, it’s impossible to ignore the IoT and its tremendous potential to provide competitive advantage. Choosing and deploying secure IoT solutions provides valuable new business insights and efficiencies while protecting your data and infrastructure assets.

Know Before You Buy

Service providers need to understand the level of security that manufacturers have built into their products before purchasing IoT devices. While it is (relatively) easy to design and ship an IP camera, for instance, the ease at which one can be hacked from factory settings makes installing one an unacceptable risk factor to the network.

Proof that regulators are taking IoT security seriously lies in the January 2017 complaint that the FTC filed against router giant D-Link, charging that the company had deceived users on the security of its products and failed to take steps to secure those products appropriately. This case has become a bellwether because the complaint was brought in response to the vulnerabilities themselves, not because of a breach exploiting those vulnerabilities. This is a sign that regulators are taking a more aggressive stance in demanding that connected device manufacturers take clear and sufficient steps in securing their products.

Best IoT Purchasing Practices

Here are three steps to take immediately to help build greater IoT security into your business:

  • Demand unique credentials: Plugging in connected devices with factory settings is a security disaster waiting to happen. Require that each device have a unique password from the manufacturer, printed on a sticker that’s included on the device itself. This significantly reduces the chances of compromise.
  • Weigh the risks of open source: IT teams should be aware of the risks in using technologies that are based on open source code. Open source IoT software is an easy, cheap and flexible option. Yet security flaws can be exploited rapidly, and patches are often slow in coming.
  • Build a strong mobile IoT team: When seeking fresh talent, be sure to clarify your terms. A job ad asking for an IoT professional may attract 10 people with 10 different backgrounds. Think instead about what your company does with connected devices and the specific skills it needs to manage and deploy those applications, systems and devices securely. Looking for and training people with IoT certifications is a way to ensure a strong bench of those skills.

Due Diligence

Almost half a billion (429 million) mobile devices and connections were added in 2016. Smartphones accounted for most of that growth, followed by M2M modules. The mobile IoT offers unprecedented opportunities to both carriers and the cybercriminals who target them. To comply with regulations and maintain customer trust, a comprehensive cybersecurity strategy is a must. The best practices above might not be the first things a company thinks of when it comes to security, but they will help protect your network and the devices that are and will be connected to it.   

About the author:

Ms. Sloman has helped shape Nadel Phelan's brand, services and reputation for quality and results. With a charter for growth and operational excellence, Ms. Sloman is responsible for client strategy, while building and managing solid account teams that deliver results. Ms. Sloman is an accomplished media relations expert with story placements in The Wall Street Journal, Business Week, The New York Times and many others. Ms. Sloman has worked with market leaders such as Microsoft and Cisco to set industry agenda, establish thought leadership, build new categories, launch companies and navigate PR obstacles.




Edited by Mandi Nowitz


SHARE THIS ARTICLE
Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More