Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Security concepts, principles for Internet of Things rethink needed, says Gartner

Ike Suarez | May 5, 2014
IT research and consultancy firm gives recommendation in latest report.

Security concepts and practices for enterprise systems need rethinking as a result of the advent of the Internet of Things (IoT), according to the IT research and consultancy firm, Gartner Inc.

The Stamford, Connecticut-based research company Gartner gave the recommendation as it released its new report, "What Securing the Internet of Things Means for CISOs."

But the press statement by Gartner announcing the release qualified the recommendation by advising against complete discarding of current security practices as many of these are still applicable in many cases.

Each Security Strategy Unique

Instead, each security strategy for each particular enterprise system must be crafted uniquely with a case-to-case basis mindset that blends traditional approaches still applicable with new security solutions demanded by the IoT devices deployed in the enterprise network's topology.

Such a blend would harness security approaches from mobile and cloud architectures, combined with industrial control, automation and physical security, according to the press statement as it cited recommendations from portions of the report.

Gartner said there is still is no guide for securing IoT that provides a framework for incorporating IoT principles across all industries and use cases.

But it is now possible to establish interim planning strategies which take advantage of the "bottom up" approach for securing IoT.

The report advised chief information security officers (CiSOs) to start small and develop initial security projects based on specific IoT interactions within specific business use cases.

They could then build on these use case experiences to develop common security deployment scenarios, core architectural foundations and competency centers for the future.

 

Sign up for CIO Asia eNewsletters.