Respondents overwhelmingly cited greater exposure to existing and undiscovered threats, particularly from mobile devices, as among their most pressing concerns about the onward march of the Internet of Things into their organization.
The survey of 202 IT decision makers in U.S. workplaces employing up to 250 people revealed that the growing relevance of IoT for SMBs means growing security threats, greater device management challenges and increased costs for IT management.
Analysts expect the number of devices – or "things" – that will connect to the Internet to grow radically by 2020, with Gartner estimating that 26 billion addressable devices will find a home on a corporate network. This spike in connected devices will create billions of new unsecured endpoints that will in turn produce new vectors of attack designed to either compromise the device or gain access to the infrastructure.
Disruption is a significant concern, as 96.5 percent of IT decision makers surveyed said that IoT would produce at least some negative impacts for their organizations, with more than half (55 percent) saying it will impose new security threats while extending existing threats to a greater number of devices. Furthermore, 30 percent said IoT will result in an increased IT spend, while 26.7 percent expected device management to spiral out of control as a result of the rise of IoT. 14 percent expect that deploying patches across multiple platforms will present a particular challenge.
"The research findings reveal that the Internet of Things will transform business security, as even standard employee devices could present an opportunity for exploitation and pose a real danger to organizations if they are connected to the Internet without proper security protections," said Sergio, Galindo, general manager, infrastructure business unit at GFI Software. "With billions of devices poised to connect to the Internet, organizations are exposed to billions of insecure new endpoints that can compromise the network. The key takeaway is clear: IT organizations must plan effectively to ensure adequate operating system, firmware and patch support within the new IoT age."
A sea-change for IT administration
Each new modern innovation requires adaption to new technologies – not only to take advantage of the new opportunities, but also to adjust to the new problems that inevitably arise from it. So it goes with the Internet of Things, as more than three-quarters (78.6 percent) of IT administrators expect their security practices to change as a result of IoT. Among these changes, nearly one-third (30 percent) expect to have to revise policies about connectivity in the workplace to manage this adaption.
Going mobile: Danger ahead
The increasingly prominent role wireless devices play in the daily lives of employees results in greater security risks in general for an organization. When it comes to IoT, the risks from mobile devices become particularly acute, according to survey respondents, 81.7 percent of whom indicated that mobile devices create the most potential as a point of exploitation in the IoT age.
Build that wall
Existing anti-spam, anti-virus and anti-malware infrastructure may not do the job of protecting against the multitude of risks posed by the billions of insecure new endpoints. When asked to rank priority areas of security focus, 45 percent of IT decision makers surveyed pointed to firewalls as their very top priority, while 35.7 percent cited mobile device management. Anti-virus was cited as a top priority by less than a fifth (18.7 percent) of respondents.