Dark Fibre Africa’s SqwidNet business has signed a partnership deal with Internet of things (IoT) specialist SMME IoT with the aim of connecting a million devices in South Africa in a three- to five-year period.
SMME IoT, in alliance with device maker Visiosoft, has installed 2 500 water meter reader units across the country.
Imagine using an IoT device like a simple thermostat to control the temperature of your home. Most of these devices can tell if you are away from your home, If attackers were to compromise the device, they could turn on the heat in the summer or shut the heat off during winter when temperatures are below 0 degrees. Imagine Nuclear power plants and data centers using IoT devices to automate their controls and being compromised. Understanding the complexity of vulnerabilities, and how serious of a threat they pose is going to become a huge challenge. To Minimize the risk, any project involving IoT devices must be designed with security in mind, and incorporate security controls. Because these devices will have hardware platforms and software that enterprises may never had insight into before, the types of vulnerabilities may be unlike anything organizations have dealt with previously. This is why it’s critical not to underestimate the elevated risks of many IoT devices.
Another big challenge for enterprises in an IoT environment will be learning how to quickly patch IoT device vulnerabilities and how to prioritize them. Because most IoT devices require a firmware update in order to patch the vulnerability, the task can be hard to accomplish in real time. For example, if a printer requires firmware upgrading, IT departments are unlikely to be able to apply a patch as quickly as they would in a server or desktop system. Upgrading custom firmware often requires extra time and effort.
In the IT world, redundancy is critical. If one product fails, another is there to take over. The concept of layered security works similarly, but we still have to see how well enterprises can layer security and redundancy to manage IoT risk. The challenge will be identifying where security controls are needed for Internet-connected devices, and then implementing effective controls. Given the diversity that will exist among these devices, organizations will need to conduct customized risk assessments, often relying on third-party expertise, to identify what the risks are and how best to contain them.
Disruptive cyberattacks, such as distributed denial-of-service attacks, could have bad consequences for an enterprise. If thousands of IoT devices try to access a corporate website or data service feed that isn’t available, a company’s happy customers will become frustrated, resulting in revenue loss, customer dissatisfaction and potentially poor reception in the market. Also, many of the challenges to IoT are similar to those found in a bring your own device environment. Capabilities for managing lost or stolen devices will be critical for dealing with compromised IoT devices, so having this enterprise strategy in place will help mitigate the risks of corporate data ending up in the wrong hands.
The variety of new devices connecting to the Internet will create a flood of data for enterprises to collect, process and analyze. While certainly organizations will identify new business opportunities based on this data, new risks emerge as well. Organizations must also be able to identify legitimate and malicious traffic patterns on IoT devices. The best analytical tools and algorithms will not only detect malicious activity, but also improve customer support efforts and improve the services being offered to the customers. To prepare for these challenges, enterprises must build the right set of tools and processes required to provide adequate security analytics capabilities
The Internet of Things has the potential to bring together every aspect of different networks. Therefore, security at both the device and network levels is critical to the operation of IoT. The same intelligence that enables devices to perform their tasks must also enable them to recognize and counteract threats.