alphaspirit - Fotolia

IoT security a hurdle to world of connected 'things'

Despite its massive potential, the Internet of Things is ushering in new and unique security challenges. But who's responsible for tackling them?

With its growing network of connected gadgets -- ranging from coffee makers to cars -- the Internet of Things will have a major impact on both enterprises and consumers. However, despite IoT's huge potential, it's posing a new set of IoT security concerns.

"As a technologist, I don't get freaked out about stuff like this … but if you combine [IoT device data] with other pieces of personal information [devices] gather about us, they can paint a pretty complete picture of what we do with our day, how we behave and who we are," said David Linthicum.

In a recent podcast, Linthicum discussed IoT security concerns and more with Randy Bias, VP of Technology at EMC. Other topics include:

    1. Have compliance regulations and legislation limited IoT security? "All the compliance regulations we've put in to date haven't significantly made our security better over the last 10 to 15 years," Bias said. "In fact, arguably, it's worse."

      Edward Markey, Massachusetts senator, is lobbying for legislation for information collected from automobiles. But is that the answer? "We do need laws to hold businesses and individuals responsible for data security, privacy and so on, so there's accountability," Bias said. "But this whole thing of new legislation to try to make sure that the Internet of Things is more secure is just ridiculous."

      Who is to blame if an automobile is hacked? Bias and Linthicum agreed the situation has happened before. (3:30-8:56)
    2. Cloud Foundry is an open source platform with major vendor support, but some question whether it is open enough. "I'm unaware of anybody who set up an open source foundation that didn't receive criticism about how they did it," Bias said.

      Is this criticism similar to what OpenStack and CloudStack received? "No matter what you're doing, you're going to open yourself up for criticism if you're trying to go big," Bias said.

      "Go big or go home," Linthicum agreed. (8:57-11:45)
    3. Box, a file sharing and cloud storage company, added enterprise key management (EKM) to its repertoire. Is security a concern?

      "Everybody in the enterprises freak the heck out around this stuff, around using this or Dropbox or things like that," Linthicum said. "[Enterprises] are becoming much better at taking the security issues off the table."

      Should enterprises continue to trust this technology?

      "These cloud-based security processes and mechanisms [like Box EKM] have a tendency to be a lot more foolproof than some of the things we have in the enterprise with the existing systems," Linthicum said. (11:46-20:44)

Next Steps

Analyzing the Internet of Things' enterprise potential

How to secure the Internet of Things

Guiding the enterprise to open source cloud

Dig Deeper on Internet of Things (IoT) Security Threats