IT Pros: Internet Of Things Is A Governance Disaster

Not that we needed a survey to tell us this: but IT pros are seriously concerned about the risks posed by all the IP-enabled devices that are starting to connect to their corporate networks.

A survey of IT pros found most think the benefits of the Internet of Things outweigh the risks – though maybe not for companies! (Image courtesy of ISACA.)

That’s the conclusion of a survey of 2,013 members of ISACA, a worldwide association of information security professionals, which found almost unanimous agreement that the Internet of Things poses a governance problem for their networks, with increased security threats the most oft-cited governance issue raised by IoT adoption.

The survey (PDF) also polled 4,000 consumers in the U.S., U.K., India and Mexico, finding that IT professionals were less sanguine than consumers about the transformative potential of the Internet of Things for enterprises. Just four in 10 agreed that the benefits of IoT adoption outweighed the risks, while half of the ISACA members polled felt that the benefits of IoT to consumers outweighed the risks. Around a quarter of the IT pros surveyed felt that the risks of IoT technology outweighed the benefits for enterprises. Almost a third agreed that the same was true for consumers.

Related Reads: Internet of Things Demands New Social Contract To Protect Privacy.

IT pros’ concerns about IoT adoption were diverse, but two main concerns stuck out: security threats and attacks aimed at the diversity of new, Internet-connected endpoints, and data privacy risks posed by those devices. Seventy five percent of the 2,000 ISACA members surveyed listed one of those issues as their “top” governance concern with IoT devices. Other worries ranged from  identity and access management challenges to compliance requirements.

Which isn’t to say that respondents were entirely pessimistic about the changes wrought by the Internet of Things. Fifty one percent of the IT pros surveyed admitted they have plans to capitalize on IoT technology at their employer, with 31% claiming that enterprises have already benefitted from greater access to information provided by technology that was part of the Internet of Things, ISACA said.

Among consumers, awareness of the new technology is still dawning. Just 16% of consumers surveyed in the US as part of the study recognized the term “Internet of Things” – funny since most had used some IoT technology like a GPS enabled mobile device, wireless toll collector or “smart” TV.

Three quarters of ISACA members listed either cyber security threats and attacks or data loss as their top worry about Internet of Things technology in the workplace.

While many recognize the potential of the technology, privacy concerns loom large. Fully 90% of US consumers surveyed said they worry that their personal information will be stolen.

“The push/pull relationship people have with technology risk and reward takes on a whole new level in the Internet of Things era,” the surveys authors conclude. “Far more personal information is shared, and it is shared in ways that the average consumer finds hard to see or control.”

The US government has taken a more active interest in the flood of new Internet connected devices hitting the market. In September, the Federal Trade Commission issued a warning to makers of IP-enabled devices for use in homes and businesses, settling a case with TRENDnet, a California maker of surveillance cameras that were found to be vulnerable to remote hijacking.

In the EU, there have been calls for a new “social contract” to address changes brought about by the Internet of Things – enshrining the right to privacy and preventing a technology-fueled Orwellian surveillance state.