Security concerns putting brakes on IoT deployments by enterprises

As many as 86% of enterprises in industries like financial services, retail, manufacturing, healthcare and hospitality have admitted that their IoT deployments have been delayed or constrained due to security concerns.

A recently survey of 200 enterprise executives in North America and Europe by technology research firm Omdia has revealed that even though IoT deployments have had a visible effect on their efficiency and productivity and customer engagement, they are not able to maximise their IoT deployments due to cyber security concerns and a lack of available resources.

Enterprises across the globe are now embracing digital transformation that brings with it improved efficiency and productivity, improved product/service quality, and improved customer retention and experience. A high percentage of businesses are now using websites, email, and applications to enhance customer engagement and many of them are using IoT tools and solutions to reduct costs and drive efficiency.

However, due to the persistent nature of cyber security threats such as ransomware attacks, malware attacks that result in the loss of sensitive data and DDoS attacks that disrupt operations, organisations have to ensure that all of their endpoints are sufficiently secured against these threats at all times. However, this is easier said than done.

The survey found that as many as 86% of enterprises in sectors such as financial services, retail, manufacturing, healthcare and hospitality are facing delays and constrains in IoT deployments due to security concerns. Due to increasing IoT security concerns, 50% of enterprises have put IoT devices on their own private networks and 97% are either considering, or currently using, a private network for their IoT deployments.

Yet another alarming fact exposed by the survey is that at least half of all enterprises do not have dedicated teams, processes or policies for IoT security, indicating that even if they deploy IoT devices, they will not have sufficient resources or manpower to look after their security.

"Cleary there is strong demand to expand the use of IoT solutions in enterprises. But to realize this potential, enterprises need fully secure, easy-to-deploy and highly flexible ways to support integrating IoT into their businesses and processes. Syniverse and Omdia see a growing role for expert third-party suppliers to help businesses tap into the opportunities available through greater global IoT connectivity," said Alexandra Rehak, Head of IoT Practice at Omdia.

“The increasing adoption of IoT across enterprises is not without its challenges, however, experience, network reach, and technology expertise can be instrumental in addressing enterprises’ concerns. For example, the use of private networks to avoid the inherent risks of the public internet is a viable but technically complex approach, The Syniverse IoT study with Omdia shows that companies are eager to adopt and realize the economic and productivity benefits but understand they can’t go it alone in their deployments,” said Bill Hurley, Chief Marketing Officer at Syniverse.

Through the survey, Omdia found that out of all IoT applications being deployed, connected security apps dominated with a 71% share followed by worker and workplace safety applications and remote payment terminals, depending on the industry.

For instance, while 81% of financial services enterprises are adopting remote payment terminals, 66% of manufacturing enterprises are adopting connected security apps, and 59% of retail and hospitality leaders are adopting smart building systems. Enterprises across the board are also considering the deployment of asset monitoring, smart building, and energy management applications along with applications for predictive maintenance.

Commenting on the survey's findings, Liviu Arsene, Senior E-threat Analyst at Bitdefender says that when deciding to deploy IoTs within infrastructures, enterprises need to have the ability to manage and control IoTs without compromising their overall security. Consequently, before deploying any devices, an IoT policies and procedures plan needs to be adopted.

"Organisations need to carefully assess the devices they’re planning to integrated within their networks and make sure they don’t have hardcoded credentials, that they use multi-factor authentication if possible, and that they constantly receive security updates and patches from their vendors in order to address known security vulnerabilities.

"Also, making sure that physical access to those devices does not compromise their security, such as physical factory resets or exposed ports, and that unused features are disabled, such as microphones or cameras. It’s also important that organisations consider setting up IoTs on segregated networks that are firewalled and monitored for both inbout and outbound traffic that might expose remote control ports, and make sure that devices that are no longer serviceable are removed from the infrastructure.

"While IoTs can have tremendous benefits in terms of productivity and costs, they can also expose organisations to new attack vectors that may be leveraged by cybercriminals to breach or compromise the security company perimeter," he adds.

ALSO READ: Majority of companies cannot detect IoT device breaches, survey reveals

MORE ABOUT: