Debate: Device manufacturers take a comprehensive approach to securing consumer products.
Moshe Ben Simon, co-founder TrapX
IoT devices bring increased value, competitive advantage and functionality at an excellent price. This compelling mix has driven a broad range of IoT products to the market.
It is true that many IoT devices shipping today do not have secure designs. There is an increasing awareness of what is required to make the necessary security features mandatory in these designs. A growing number of manufacturers are aware of the challenges, and many are beginning to select vendors based on these important features. This trend will accelerate and become dominant in the marketplace. As the market matures, customers will continue to pay for this additional security functionality, and they will demand it as essential.
Manufacturers that do not address these open IoT security issues will ultimately be unsuccessful in the market. If you make the right choices for your IoT architecture, you will be able to enjoy the benefits of the technology with the necessary levels of security.
Rob Kraus, director, security research and strategy, Solutionary
BYOD as a threat to organizations had a lethargic start in global impact, but is continuing to manifest as new vulnerabilities and exploitation capabilities are identified and developed. We will observe similar trends with BYOIoT.
As many IoT devices are consumer and medical, we can forecast the potential to experience a grander problem than presented by BYOD. Businesses are challenged with properly securing their infrastructure and data with even the most basic controls. Expanding the exploitable footprint and allowing BYOIoT into these environments is a poor decision if not approached properly.
There are no significant incentives for manufacturers to take a comprehensive approach to securing consumer products, which has been proven through years of research into consumer device vulnerabilities.
Organizations must address this potential impact with a risk-based approach. What is the impact to the organization? Does it make sense and is it something that can be controlled? Early adopters of BYOIoT risk, policy and security will benefit the most.