Internet of Things: From Business Phone Service to Coffee, Security Matters
The Internet of Things has been in the news a lot lately, and not all in a good way. Much of the coverage focuses on the security—or lack thereof—in the myriad of networked devices that now surround us in everything from business phone service to items we buy at the grocery store.
In early March, Cisco offered a $300,000 bounty in its Internet of Things Grand Security Challenge, for software to help secure networks from hacking. Cisco cares because malicious coders could go through the Internet of Things to wreak havoc on everything from enterprise networks to home security devices.
Smartphones and Other Devices Proliferate in the Internet of Things
And Business Insider Intelligence recently published a report that says that by 2018, the number of connected devices—including sensors, smartphones, RFID tags, wearable computers, tablets and more—will rise from today’s 1.9 billion to more than 9 billion, and will drive trillions of dollars in business revenue.
So the media have discovered that these devices and their security is important, and I’m glad some of them are paying attention now. I just wish they’d cared a little sooner. Ignoring security and compliance issues only makes them more difficult to solve later, and the industry has already lost more than a decade.
Securing the Internet of Things Is a Long-standing Problem
For example, in the early 2000s, I worked at Savi—a leader in RFID-based tracking and security solutions—on technology that kept tabs on shipping containers throughout global supply chains. It was one of the first large-scale implementations of the “Internet of Things” concept. Even then, it was clear that interconnected networks of devices were becoming critical in virtually every facet of life. RFID tags helped Savi’s customers track containers throughout the global supply chain, transporting everything from ammunition and chemicals, to coffee from Columbia and toilet seats from Turkey.
Since security is important in the global supply chain, we were already working to make our piece of the Internet of Things secure. Unfortunately, both the media and some parts of the private sector have only recently awakened to the security risk posed by, say, vulnerable “smart home” technology.
That’s because, at one level, a networked garage door opener is just a garage door opener. But if it’s on a network, it’s also an entry point that threatens not just the security of a home, but the security of any network it’s attached to. Ignoring the problem doesn’t make it go away; it just obscures a threat.
Security and Compliance: Tough But Business-critical
Security is a hard job, but it can be done with investment and hard work. It’s critical not to leave such networks unprotected. I’m now CEO of 8x8, a company that provides cloud-based unified communications—everything from business phone service to virtual call centers. 8x8 has been working for almost a decade to provide secure, compliant services for businesses.
Because it’s a hard job, lots of our competitors either say they don’t do it all, or they’re silent on the issues of security and compliance. Still others treat security as an afterthought, or something that’s a nice-to-have extra. Many businesses are then left twisting in the wind when their enterprise’s security is breached, or they fail critical compliance audits.
Secure, Compliant Business Phone Service Takes Time and Investment
But for growing enterprises, security and compliance of networked devices is too important to be ignored. That’s why 8x8 talks to potential customers about security and compliance, and often advises businesses about best practices for configuration of our communications services. And because we’ve invested years of effort in compliance and security, we can offer solutions that are compliant with FISMA/FIPS, HIPAA and PCI-DSS regulatory requirements. Most other business phone service providers can’t even begin to talk about meeting these requirements. But in an era of mobile phones and literally billions of other networked devices, anything less would constitute letting our customers down.