IoT Security

11 Reasons IoTs Break Enterprise Security

IoTs have introduced a whole new compute dynamic called “Dependency Compute”, where the IoTs, applications and management are remote to one-another. Each can and often is owned and operated by entities that are third-parties to each other. Moreover, each of an IoT platform’s components is often unique and different, creating complexity and preventing consistency in security. With this new dynamic, How can IoT platforms be secured?

01 – Purpose Built and Non-Standard

IoTs are often purpose built and non-standard, using imagination-driven hardware and software for imagination-driven purposes.

The Challenge

Traditional security approaches and tools were designed to secure Windows, Mac, and Linux, running intel processors and are not in tune with the requirements of IoT infrastructures.

02 – Everything is Everywhere

IoTs are often highly distributed or mobile and are designed to operate on many different hostile public and private networks.

The Challenge

Traditional security approaches and tools were designed for and are limited to protecting concentric and contained networks of systems.

03 – Long-Distance Applications

IoTs are predominantly distributed or mobile, thereby the applications they depend on will always be remote.

The Challenge

This requires securing different technologies operating in hostile non-concentric networks with tools not designed for the task.

04 – The Deconstructed Platform

Platforms become deconstructed when IoTs are introduced. It is not uncommon for the network the IoT operates on, the IoT itself, the application infrastructure, the application itself, and the platform’s management to all be third parties to one-another.

The Challenge

Today, securing each IoT type, application and management platform requires a different array of security tools and expertise – overall an expensive, resource intensive and ultimately ineffective process.

05 – Welcome to Dependency Compute

IoTs and applications are not standalone; they are highly dependent on one-another. IoTs generate data and perform tasks while the application turns data to insight and decides on actions to be taken by the IoT.

Dependency Compute

The Challenge

The integrity and reliability of communications between IoTs and applications is mission critical. Without IoTs, application functions go unfulfilled. Absent the application, IoT data cannot turn into decision-support insight.

06 – A Web of Exposures

The deconstructed platform means that Third-party applications have privileged access to IoTs operating on multiple customer networks, bypassing their network security. Their security is now dependent on the security of the third-party application provider.

The Challenge

Compromise of SaaS or remote third-party applications could easily lead to compromise of the many IoTs to which it has privileged access. The compromised IoTs can then be used to cross-contaminate other systems on the network.

07 – The Global Attack Surface

On a common network, each unique IoT is connected to different third-party applications. These applications in turn service many IoTs for many other customers. This tangled web of relationships diminishes the security of all parties to that of the weakest link!

Global Attack Surface

The Challenge

With the addition of every unique IoT and third-party application, the exposures are compounded, leading to indefensible complexity.

08 – Spanning Generations

With a lifespan of 8-20 years, IoTs outlive enterprise technologies by a factor of four or more.

The Challenge

IoTs have introduced a new logistics paradigm for operations, management, upgrade, repair, and security of these distributed platforms over a period spanning decades.

09 – There’s No Stopping This Train

Everything is now connect-capable, and below-the-radar introduction of new technology and cloud applications is so common that it has become muscle memory.


The Challenge

The rush to make mundane objects connected has led to operation technologies, like HVAC systems, building access, and even the coffee machine, to quietly seep into the network – creating many unknown back doors.

10 – IoT T T T T T T T T T T T T T T T T T T T T

The scale of IoTs has already dwarfed that of enterprise technologies. By sheer volume, these defenseless technologies are being actively used en masse to wage cyber war.

The Challenge

With their low cost, limited nature and the industry emphasis on function without viable security options, IoTs are especially vulnerable as points of compromise, as attack tools or both. Managing security on a platform experiencing explosive growth is especially challenging.

11 – Unbounded Consumption

IoTs are technologies that operate in-the-wild and are accessible to anyone local or remote. Moreover, as machine-to-machine communication becomes dominant, unrelated IoTs may be repeatedly engaged by misconfigured systems or poorly developed applications.

melting ice

The Challenge

Security is the most expensive compute resource. Aside from short-term effects, attackers can impact long-term IoT longevity by hastening a device’s power consumption through persistent attacks — forcing a decision to replace or abandon the IoT.