Creativeapril - Fotolia

What are enterprises' biggest IoT security challenges?

As the number of IoT devices in the enterprise grows, so do the potential risks. In this #CIOChat, participants identify the biggest IoT security challenges facing IT and the enterprise.

If the offerings at the recent International Consumer Electronics Show (CES) in Las Vegas are any indication, Internet of Things (IoT) technology seems set to shake up the enterprise. While this is good news in terms of business innovation -- with several IoT devices promising advances in efficiency, productivity, analytics and customer relationships -- this rapidly evolving technology also poses serious security challenges that cannot be ignored.

IoT security has even captured the attention of Capitol Hill, with members of U.S. Congress forming a new Congressional Caucus on the Internet of Things to educate members on the security, privacy and regulatory policy concerns around the technology. Congress is mainly focused on the protection of sensitive information streaming to and from connected devices.

With IoT security on everyone's mind, including Congress', and uncertainties surrounding how best to address these concerns, SearchCIO posed the question: What are the biggest IoT security challenges for the enterprise? What followed was a lively discussion among #CIOChat participants, editors and SearchCIO expert Harvey Koeppel on the security risks that come with IoT integration.

The increased potential for unsecured devices and data are a major concern for companies, and, as one participant points out, the security risks grow proportionally with the value of IoT devices:

Since the idea of networking devices and objects is still relatively new, security has not traditionally been considered in product or policy design. But, if companies want to maximize data protection on IoT devices, participants say that security needs to be built-in from inception rather than tacked on at the end:

Echoing Koeppel's notion of keeping CISOs in the loop, Vernon Turner, senior vice president at market research firm IDC, suggests that CISOs should also collaborate with their peers in order to gain greater insights and situational awareness into areas vulnerable to breaches. IT collaboration and situational awareness were on the minds of  #CIOChat-ers as well:

One major concern of participants was the ripple effect of unsecured devices on other areas of business and IT, including crucial networks and cloud processes:

Lessons learned from BYOD

Is it too early to start BYOIoTD? In many ways, policies involving IoT devices are an extension of current BYOD policies, meaning companies don't necessarily have to start from scratch with IoT privacy and security plans. Moreover, the Internet of Things has the potential to influence and shift the BYOD trend by expanding it and making it more complex.

Senior News Writer Nicole Laskowski asked  #CIOChat-ers what lessons they have learned from past or present BYOD policies that could be applied to IoT devices, setting off discussion on the management and security challenges of IoT integration:

The "no" attitude of some businesses comes from the fact that these BYOD policies are certain to make "profound changes not just to their technologies, but the very culture and operating model of their enterprise," according to SearchCIO expert Harvey Koeppel. This change is daunting for some companies, making them more reluctant to adopt the most forward-thinking policies. Several #CIOChat-ers agreed that successful IoT policies require a more accommodating outlook toward outside devices and a willingness to adapt:

The human element of BYOD security is another factor that can affect present and future IoT security policies. Whether knowingly or not, employees can be responsible for data breaches within their own companies, making it important to educate them on security best practices, participants said:

On a lighter note, one participant pictured an alarming future of IoT security hacks:

While this portrayal of future IoT perils may be hyperbolic, the growing presence of IoT devices and objects does open up a whole new world of security dangers. Do you think these IoT security challenges can be conquered? Sound off in the comments section below.

Next Steps

Take a look at our next tweet chat recap for tips on how to mitigate IoT risks. Then, get advice from security experts at IBM and Intel on securing the IoT.

Dig Deeper on Internet of Things (IoT) Security Threats