Is your data encrypted?
I recently saw a figure that both startled me, but also really did not. Tech Pro Research conducted a survey of IT professionals, to study how their companies were interacting with new Internet of Things (IoT) technology.
The number that stuck out to me was: of those respondents who said their businesses did use IoT devices in some way, only 50% reported that they encrypt their data. This stat was included among the list of security measures those IoT-positive respondents cited as used among their companies. The majority (70%) rely on security policies and updates to defend their systems.
I say this not just because encryption is what we do (though it doesn’t hurt), but because it really does baffle me that the last line of protection for a business’ critical data is still so often unemployed. Fifty percent isn’t bad, and is more than it would have been just a few years ago. However, it still means half are leaving their information perfectly clear and viable for any hackers or insiders who manage to make it through all other bulwarks.
Though every company must conduct its own risk assessment when deciding its security strategies, these are without a doubt chances that should not be taken. Especially not when it comes to the IoT. I mean, iRobot’s new Roomba i7 doesn’t just store your floor’s dust, it stores your floor plans, mapping out your home as it chugs along. According to the Tech Pro study, at least 40% of businesses that use IoT devices collect this type of data (whether it counts as customer or performance information); I suspect people are going to want that particular set of data kept secure as possible.
Ultimately, only 15% of the study’s 104 respondents said their company did not, nor had intention to use or produce IoT devices. Even with a small sample size, this leaves a large percentage that do. While it’s heartening that almost all of these claim they use at least some security measure, and we’ve come a long way, there is still room for improvement.