Posted by EE Publishers on 23 February 2016
There is a myriad of digital data being generated on a daily basis, with bring your own device (BYOD), social media and the internet of things (IoT) becoming increasingly prolific as internet users progress in what is referred to by local research firm World Wide Worx as the “digital participation curve”.
For companies, making sense of it can be a headache, not to mention a major drain on resources. What follows are some of the challenges – and possible solutions – around security issues that should be top of mind in today’s business environment.
It has been a constant battle for the past two decades to ensure a secure internet and, although massive advancements have been made, the internet is still not 100% secure. As we start connecting hardware devices that control things like domestic and business security systems, smart devices, personal fitness devices, tracking devices and electrical appliances – to name a few – the situation will only become more complex.
The hardware appliance is the weakest link – no matter what it is – so the hardware device needs to be built to accommodate security features like encryption, multi-factor authentication and password strength validation.
While BYOD indisputably brings with it a number of benefits for companies, it also comes with its fair share of security concerns. Organisations that permit BYOD can benefit from a reduced investment in hardware and enable employees to be more mobile and have 24/7 access to network resources.
On the flip side, the possibility of jeopardising company data is a reality that cannot be overlooked. This can be caused by lost or stolen devices, insecure applications, unauthorised access by non-employees and the fact that devices can connect to company networks over insecure wireless networks.
Interlinked with BYOD is IoT – a relatively new phenomenon bringing with it similar challenges. Although IoT is not a mainstream reality in South Africa as yet, it is said to be rapidly heading that way. IoT will become a reality in South Africa without doubt. Every time our devices become smarter and faster, we move forward towards a fully connected IoT.
While growth offers a lot of opportunities, IoT, in essence, is still not mature, or secure. Adding millions of new devices, billions of lines of code, along with more network infrastructure to cope with the load, will create a new set of challenges, probably far exceeding those of the past two decades.
Despite this, it is believed that local businesses do not take security seriously enough. Even though larger, more security-conscious organisations like banks take security very seriously, they do not necessarily align their security strategies to accommodate for future demands or what the impact of their security strategy has on customer experience. So-called midstream businesses in South Africa generally have very poorly managed security policies, if any.
In both instances of BYOD and IoT, security is key, but this does not mean that businesses need to have specialised security needs.
One of the products in PBSA’s software division, pbDigital, advocates is identity and access management (IAM). IAM outsources all required security requirements to run on the latest international identity and access management on one centralised solution.
IAM is a customer-centric identity and access management solution that empowers users to manage their own identities, enabling the organisation to reduce customer care costs by automating the identity processes.
IAM improves customer convenience with verified social identities and provides strong, multi-factor authentication for business-critical transactions. In other words, IAM takes care of centrally managing the identities of online users, eliminating the need for organisations to spend time and recourses on manually managing user access to their networks.
This is one of the means that companies can use to address the security challenges they face amid the burgeoning of data-intensive phenomena like BYOD and IoT. IAM is designed to centrally manage hundreds of thousands – even millions – of identities, devices and their associated access to multiple networks, which is simply not doable with physical customer service or manually managed security.
IAM involves linking the correct person (device owner) to the device. The second application is managing the access rights the device has to one or more networks, and the third is encrypting the channels of communication between the device and the various networks. All of these instances are centrally managed by IAM.
IAM is one of a range of solutions companies can employ to protect their digital empire, says Van der Merwe, and security can not be ignored by companies operating in today’s digital world.
Weak security when it comes to BYOD and IoT in the workplace will affect the confidence of consumers and organisations. This, in turn, will slow the process down until strong security is adapted and users and organisations can enjoy the benefits of IoT confidently and securely.
Contact Leon van der Merwe, PBSA: firstname.lastname@example.org / Tel: 011 516 9459