Security professionals are losing control of their companies’ security perimeter, both on the virtual and physical aspects. This is evident with millions of people now working from home to remain socially isolated. We’re also seeing telemedicine, remote health monitoring and remote learning being pressed into service quickly. Technologists have been talking about these tectonic shifts for years but it is all coming about in the blink of an eye in the face of this global pandemic—and the changes will be long-term or permanent once we make them now.
While aspects of work, healthcare and education move to people’s homes, they are vulnerable to threats and weaknesses of home networks and IoT devices that are outside the secure perimeter of the traditional workplace, clinic or school. Many home environments have hard-to-secure devices that are considered part of the IoT—printers, surveillance cameras, home automation assistants, even critical health monitors. These devices can be vulnerable due to outdated firmware, lack of internal protections and inherent security weaknesses. One exploitable IoT device can result in network-wide security issues.
We are facing a new reality when it comes to the use of “personal” technologies for work, health and education. The reality is that these devices don’t sit behind a secure network perimeter as we use them in the home. Even businesses that instruct their workforce to work at home can’t afford expensive security solutions at the far edge of the employees’ homes, opening gaps in the security posture.
Just as technologies designed for use in the home are generally developed with ease of use in mind, they must also be developed with inherent cybersecurity so the devices can monitor and protect themselves from threats. In the absence of network perimeter security, the security perimeter must be part of the devices themselves.