How Connected Devices Could Impact Cybersecurity?

By Apac CIO Outlook | Tuesday, January 22, 2019

Internet of Things(IoT) has become a part of everyday life: smart homes, smart education, smart healthcare, wearable devices, and the Internet of vehicles (IoV) make the best use of this technology, which plays a key role in the digital transformation and the hyper-connection of its elements. Companies are determined to find innovative ways of using IoT devices over time. However, IoT devices can create a backdoor for skilled hackers and cybercriminals in a corporate network.

The National Institute of Standards and Technology (NIST) report notes that many healthcare providers do not know that using IoT devices can affect cybersecurity and privacy risks differently from conventional IT devices. The report portraits the ways IoT devices could affect cybersecurity and privacy risks. The lack of management features is a prominent reason behind this. Administrators may not be able to fully manage the firmware, operating system, and applications of an IoT device throughout the life cycle of the device. Functions not available may include the ability to acquire, install, configure, store, retrieve, terminate, delete, replace, update, and patch software.

Some IoT devices do not have application and human user interfaces to use and manage devices. If such interfaces exist, they cannot provide the functionality that conventional IT devices normally offer. Most IoT devices do not support standardized centralized management mechanisms and the sheer number of devices that need to be managed can be enormous. The wide variety of software is a difficult task for the organizations. There is a wide range of software, including firmware, standard, and real-time operating systems and applications, used by IoT devices. This complicates the management of software throughout the IoT device lifecycle and affects areas such as configuration and patch management.

A manufacturer may plan to use a specific IoT device only for a few years than it has been discarded. An organization that buys this device may want to use it for a longer time, but the manufacturer may stop supporting the device, such as not releasing patches for known vulnerabilities either by choice or due to limitations in the supply chain. Lack of inventor capabilities also makes an impact on IoT devices. IoT has the ability to significantly enhance the efficiency of the firm, cut costs, and drive future projects for almost every department. It is not for nothing, however, if proper security measures are not taken to safeguard these newly developed internet connection points. The IoT can only account for a small percentage of data usage within a network, but every entry point requires specific and often unique cybersecurity. When considering the adoption of any new IoT hardware, it affects not only the bottom line of a firm but also on potential cybersecurity risks which must be taken into account.