Organizations of all sizes have discovered there is money to be made from connecting everything from smart watches to industrial systems to the Internet. The challenge many of those organizations soon will face is how to go about securing those devices. For those reasons, solution providers would be well-advised to start thinking about how to extend their security expertise into the realm of the Internet of Things (IoT).
Most IT organizations, unfortunately, are going to approach IoT security in pretty much the same way they approached traditional enterprise IT security, which is to say it will be pretty much an afterthought. IoT environments will be created, but most IT organizations won't realize how far IoT has extended the attack surface inside their organizations until the environments are up and running. As a result, Jackson Shaw, senior director of Product Management for Identity and Access Management at Dell, predicts there will be an explosion in demand for IoT security expertise.
Be it securing the endpoints or networks those devices rely on to transmit data (or both), IoT security will be a complicated affair. Each endpoint represents a potential back door through which multiple forms of malware can be distributed throughout the enterprise. In fact, most IoT applications will be connected via application programming interfaces (APIs) that are challenging to secure. Organizations want to make them easy for developers to use, but the simpler the API, the less secure the IoT environment will be. The good news, said Shaw, is that many of the technologies that will be used to secure those APIs, such as OAuth, and User-Managed Access (UMA) protocols, are getting more robust by the day.
In the months ahead Shaw said Dell not only will be investing in technologies such as IoT gateways, but also working with partners to create the expertise required to secure those environments. There’s no doubt that IoT represents a major new opportunity for the channel. Not as clear is the degree to which IT organizations will rely on partners to build and implement those systems. But the one thing is for certain: When it comes time to secure those environments, most organizations are going to be begging for help sooner or later.