Home » Data Protection » Network Security

When Everything's Networked

You'll need a strategy for dealing with the hidden risks of Internet-connected air conditioners, door locks and forklifts.

April 01, 2004 — CSO — Lance James stopped at the arco station but found "out of order" signs on all the gas pumps. the woman behind the counter was shouting into the phone that the station's network had been down for two daysthus no credit or debit card transactionsand the pumps were shut down as well. James mentioned his background in network engineering and offered to take a look (he's the CSO of Secure Science).

The pumps were connected to the station's local area network. The LAN led to a converter box, which connected to the outside world via a modem. The modem was off. James turned the modem back on, rebooted the main computer, and all the credit card systems went back online.

And the pumps worked.

Welcome to the world of device networking. It's the next very big thing: connecting noncomputer gizmos to a network, like a LAN or the Internet. Some examples are by now familiarprinters, telephones, cameras. But the list keeps going and growing. Besides gas pumps, there are forklifts, elevators, motors, signs, alarms, switches, GPS systems, intercoms, thermostats, vending machines, biometric devices, counters, power supplies, locks, lights, heating and cooling systems, and on and onright now, someone is working to put each of these devices onto a network.

The grand goal is to improve the work product of practically everyone in the enterprise. R&D can monitor the behavior of products that have been installed in the customer's workplace. Facilities management will be able to do a remote visual check of any room in which a fire alarm has gone off. Since networked devices are always on, they generate continuous data streams that can be sifted and filtered and analyzed. Equipment needing repair or replacement can automatically alert the maintenance department. Customer support will know when vending devices need refilling. And all these devices will in turn have access to programs and databases, making them more intelligent as well. (Imagine a door lock that knows which days are holidays.) Harbor Research predicts that by the end of the decade, considerations like these will have brought trillions of devices online and into communications with each other and with databases, analysis programs and human users.

Initially, only one person in the company is likely to have mixed feelings about device networking: you.Start with a Bottle of BayerJames's gas station adventure hints at some of the extremely vexing security concerns created by device networking. Mitigating those risks will cost the CSO time, dollars and probably a fair amount of aspirin as well.