“Internet of Things” Puts Cybersecurity Front and CenterMarch 29th, 2016 by Nick St. Denis
The “Internet of Things” (IoT) has taken hold across many industries, including fenestration. While this improved connectivity and ease of access to data has made businesses more productive than ever before, it’s also raised unprecedented security concerns.
John Cunningham, director of business and industrial IT at RoviSys, presented on the topic during the recent Glass Processing Automation Days in San Diego.
“Devices on the plant floor have become smarter,” he said. “And once these things are automated, they are being tied together.”
New technologies and processes connect all facets of the business—workers, operations, product supply chains and services—with one another. “What you end up with is the connected enterprise,” he said.
Demand for data is increasing, whether for product tracking, supply chain integration, shop floor operations/maintenance or basic analytics. Data speeds are higher, which means more information can be transmitted, which is a major positive.
This also results in significant cyber exposure.
“Unless you’ve been violated before, people don’t think about cybersecurity,” said Cunningham.
He said an “increased attack surface” has enlarged the threat of security breaches. “The bad guys can go after more stuff in your facility, because more stuff is connected,” he said.
Another cause for concern is workers bringing in and using their own devices, such as smartphones. By doing so, “you can inadvertently bring problems into your facility without knowing it,” said Cunningham. Additionally, more advanced threats, such as “headless worms” and “ghostware,” continue to evolve.
Businesses need to take a hard look at whether or not their cybersecurity is ready for the IoT. He advised doing the following:
-Use secure passwords;
-Make sure anti-virus programs are installed and up to date;
-Ensure security patches are up to date;
-Have strong security policies in place;
-Be sure personnel are educated and security-aware;
-Make sure firewalls are installed and configured;
-Ensure your network is properly segmented;
-Make available access control to only what is needed for the job; and
-Have in place application and user activity monitoring.
Cunningham said companies need to understand that IoT is happening now, and to address cybersecurity as an integral part of their plans.
He added that it’s important to have a “champion” of cybersecurity in the business.
“As an industry, as we automate more and integrate more, this is something we really need to pay attention to,” he said