The Internet of Things
There’s a lot being said in various quarters about the Internet of Things (IOT) but whenever it comes up in conversation with senior people in the SME world, even those businesses that are definitely in the Medium bracket, with 25m upwards turnover, it raises a titter or two.
Why would that be? All the usual light hearted comments about being hacked by your kettle, or held to ransom by your toaster, come out in the conversation. And I suppose, there can be some amusement to be had. But there is a serious side to this. The graphic below, which I have unashamedly stolen from The Joy of Tech, whilst lighthearted, gives clues to potential disasters.
Whilst we are some way away from having smart appliances in most SME work places that could be used jump onto the more serious elements of a network, we are already at a place where some functions, perceived as routine, even mundane, can already be used to jump onto other network devices. For instance, most have security cameras and alarm systems. Many of these are IP based and are connected via the LAN. OK, but many also are remotely maintained by a variety of suppliers. I have found it not uncommon for these suppliers to arrange for their own backdoor into the system to maintain these systems, often without the client actually knowing how that is done. This provides a very neat circuit around the router and firewall and, when most SME networks are flat, access onward to all parts of the network.
This of course is not the only example but it shows how poor security architecture, often times by local network providers, can have a quite seriously detrimental effect. So what I am saying is that as many more devices become ‘smart’ and interconnected via the LAN, security architecture becomes just as important for the SME as it does for the larger enterprise. The problem is that the awareness and support within the SME community and their suppliers, tends to be lacking.