Standard Web Security Won’t Keep the Internet of Things Safe

Joerg Sieber


Category: Web Security

The “Internet of Things,” or “IoT” is a fascinating field of technology representing growth of interconnected devices that can be controlled and managed remotely through mobile devices or many other means.

The Internet of Things spans all areas of life and work, especially if we consider:

  • Smart homes with refrigerators ordering groceries, remote controlled HVAC equipment, or smart lighting
  • Connected industries and cities with remote meters, automatic analytics, or robotics.
  • Wearables such as smart watches, fitness bands or smart glasses
  • Connected cars with automatic driving technology, remote diagnostics, or fleet management.

and much more.

From a business perspective, the IoT offers incremental revenue opportunities as well as productivity and cost savings to companies across the globe. According to analyst firm IDC, the number of IoT devices will grow from approximately 6 billion in this decade to 28 billion in 2020 — a staggering number. The market for wearable smart devices alone is expected to increase at an average rate of 60% per year to $20 billion in 2017.

What is the common characteristic of all of these devices? Connectivity to the Internet through applications. And with this connectivity comes increased exposure to cyber threats. Think of it as today’s mobility market on steroids.

While it will become increasingly important (and common) for most companies to enable Internet-connected devices, a key goal for IT and security departments will remain the safe enablement of the applications that power those devices.  Neither Web nor email security will be able to appropriately protect against future attacks from cybercriminals targeting your organization through the IoT. Many of these applications will most likely utilize more than Web channels to access data and can easily circumvent web security solutions by utilizing uncommon ports.

Now is the time for companies to start thinking about security strategies against tomorrow’s cyber attacks through the Internet of Things. No one has all the answers to the security-related questions posed by the IoT in the coming years, but it helps to ask, at the very least, the following 5 questions to prepare for the onslaught of Internet enabled devices facing your company in the near future:

  1. What IoT devices are likely to be used in your organization in the next decade?
  2. What types of data will these devices access?
  3. What types of devices will your employees own or utilize?
  4. How do these devices interact with your corporate network?
  5. How do you currently ensure safe application enablement across all ports?

The answers to these questions will have a significant impact on your organization’s security strategy in the next few years. The best you currently can do to prepare for the fast approaching army of networked devices is to deploy the best possible application control with a solution monitoring all ports in and out of your network. Palo Alto Networks Enterprise Security Platform not only protects companies against applications utilizing a few common ports, but also offers complete visibility into all enterprise network traffic. Learn more about our approach here.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS