Almost every day there seems to be another story about the “Internet of Things" (IoT). More and more “things” are being equipped to send and receive information over the internet. It might be fun to have your running shoes connecting to the cloud, but what does it mean, if anything, to your corporate network?
In some ways this is nothing new for companies. For some time corporate IT departments have struggled with “bring your own device” policies, as employees use their personal phones and tablets to read their email or browse the web while attached to the company network.
But the Internet of Things goes much further. Samsung indicates that 90% of the devices they sell will be network enabled in two years. This includes their phones but also televisions and appliances. You might suspect that the TV in the conference room is on the net, but what about the refrigerator in the kitchen?
And Samsung indicates that they are opening up their technology to make it easy for third parties to interact with these devices. Are companies creating a whole new constellation of third party “partners” they don’t even know about?
Do you know how the Internet of Things affects your corporate network? Here are some steps you can take to reduce the cyber risk of your network:
- Update your network policies and procedures to include the IoT. This will go only so far however - it might work when the IT guy unpacks the new internet-enabled coffee machine but will the delivery person installing the refrigerator know to turn off its internet connection before plugging it in?
- Try to keep a complete and up-to-date network inventory. Unfortunately anyone who has managed a large network infrastructure knows that even when using automated tools, it is never quite up to date.
- Implement a continuous monitoring solution. Look for unusual or suspicious behavior between your network and the rest of the world. It is important that this is an ongoing, comprehensive process.
BitSight Security Ratings for Benchmarking provides ongoing insight into how your network manages its connection to the rest of the internet, including activity by actors you may not know about (such as that refrigerator in the kitchen). It also allows you to compare your performance against those of your peers and competitors, so it is a useful platform for keeping your information security strategy current.
