By Don Boxley, CEO & Co-founder, DH2i (www.dh2i.com)
The Internet of Things (IoT) is continuing to grow more and more impactful, if that’s possible. It’s goal of connecting everything has broad effects that reach far beyond technology, impacting the economy and—as Gartner shared in a recent research report—“transforming many enterprises into digital businesses… improving efficiency and increasing employee and customer engagement.”
In short, IoT’s tentacles are branching out into practically everything that touches not only the business world, but daily life and how people experience their environment. As the number of IoT devices and user applications multiply, the expanded reach of this powerful tool is changing the way that everyone connects and communicates.
To put these assertions into numbers, consider that by 2025, we could see 41.6 billion connected devices when it comes to IoT—that’s an incomprehensible 80 zettabytes of data that will be generated in this arena. It’s exciting—but when it comes to the security issues that arise from having all of these “things” connected via the Internet, it’s also pretty scary.
What do I mean by scary? Basically, as IoT platforms proliferate, security-breach potential also expands exponentially. Let’s look at one IoT platform, the most popular one known as RasPi (short for Raspberry Pi). It’s cost-effective, it can run Linux, and it’s considered by many to be “the gold standard for inexpensive, single-board computing.” It’s easy enough and cheap enough to be used by almost anyone, anywhere, any time to build IoT devices.
Herein lies the rub. Since RasPi’s use has become practically ubiquitous, cybercrime is more likely as well in this arena. When you think about how much personal data that IoT devices contain—storing anything and everything from where users are located to other details about their identity, including health data and financial information—it’s clear that companies need to have a viable and highly reliable security solution to help foil hackers. After all, one of the benefits and conveniences of IoT is that it’s right there on your smartphone, so the risk of security issues is quite high.
With RasPi platforms on the rise along with their corresponding IoT security concerns, you might wonder whether VPNs (virtual private networks) offer an effective security solution. While traditional perimeter security methods like this can be used for RasPi security, the reality is that VPNs were intended to secure private networks on the Internet, and this is the specifically what they were designed for, not IoT.
When leveraging VPN for IoT security, you can therefore expect your connection speeds to be slower. There are some other security-specific problems as well, including the fact that anyone and everyone in the network ends up being able to easily access the full range of assets there, without the need for authorization by user.
If these VPN issues concern you, an alternative is to protect your RasPi IoT network with a software-defined perimeter (SDP) solution. This software boosts security by an IoT device’s network presence, and by shrinking the VPN’s exposed lateral attack surfaces. By isolating at the level of the application, user access is appropriately limited, creating in essence a “zero trust” environment. It’s the fusing of RasPi’s cost-effective benefits with SDP’s security strengths that lead me to believe this powerful combination will be gaining a lot more traction going forward, as IoT continues to take over the world.