Smart IT means smart security on IoT connected devices
Smart IT departments look at user needs and solutions that balance tech freedom with robust security. Security shouldn’t be about preventing people from working, but instead enabling them to work in the way they operate best, without putting the enterprise at risk.
To this end, IT security isn’t simply the priority of the CISO or IT department, it is a priority for all, from the CEO through to the most junior member of staff.
To enable smart security, organisations have a responsibility to ensure all devices (including office IoT) and users are authenticated. IoT network security protection should also extend to segmenting the network appropriately rather than just mixing office IoT into the general network. Recently, a casino was hacked when the IoT fish tank was hacked leading to financial loss for the organisation concerned. Proper network segmentation may have prevented or made this attack less viable. Care must also be taken to ensure that the introduction and provisioning new office IoT follows the expected processes. It’s often too easy for users to deploy without proper thought for security, leading to some of the examples here.
IoT and mobile working brings with it many benefits in terms of productivity, the flow of information and flexibility. However, that should not come at the cost of security.