Today’s IoTruth: Will manufacturers will secure my IoT devices?
Are you safe to solely rely on manufacturers to secure your IoT devices? The reality is, manufacturers would like to give you a secure product, but there’s a whole set of challenges that make this very difficult to execute.
In this guest blog post Pedro Abreu, Chief Strategy Officer from ForeScout explains more:
1. Lack of expertise – the PC industry for the last 25 years has been trying to secure the computer. And it has not accomplished that. Now imagine all these manufacturers trying to build security into devices where their core expertise is not security. As security markets continually innovate, attackers will take advantage of the vulnerabilities. And they’re going to take advantage of that lack of security expertise from the manufacturers.
2. Margins – this is about money, right? Think of the devices that you’re buying. Some of the devices are cheap, in the tens of dollars. Manufacturers simply do not have enough margins in the sale of their products to build security from scratch into those devices. Security is expensive and that cost cuts into the profits of manufacturers.
3. Strict Rules – think of the medical device industry. These devices collect critical data and have strict regulations intended to keep patients safe. FDA regulations prevent manufacturers and/or the user of devices to update them without revalidating the product. As a result, even if you found a vulnerability, you can’t simply update the product. Which means you’re going to be vulnerable for periods of time.
4. Competition – IoT is going to explode. Everyday new, innovative products come to market, and companies are beating each other by time to market. It’s that first vendor that’s going to take the market share and they’re going to build a product that customers want, with security as an after-thought. Building security from scratch takes time, and takes away from getting a product to market quickly.
So today’s IoTruth? Manufacturers will not be able to secure IoT devices. The burden of security is going to fall on the enterprise. You’ll be responsible for discovering all the devices that are connecting to your environment, and need to be able to control and secure them so that you can properly protect your organization.
Get Visibiliy, Control and Analytics of all devices on your network including Mobile, IoT, virtual, physical and rogue end points. Learn how your business can benefit now!