SimpleWAN Exec Explains Why the Time is Now for IoT Security

When it comes to security problems, the hits just keep coming. The vulnerabilities will only multiply as the Internet of Things expands. That’s why Erik Knight of SimpleWAN is sounding the alarm.

“Hey, wake up,” he said during an interview today at ITEXPO/IoT Evolution Expo. “Look at it. It’s bad. Just be aware.”

SimpleWAN is an SD-WAN solution provider, and cybersecurity is a big part of its strategy. Businesses that leverage SD-WAN to see and control their networks in real time get a better handle on what’s happening at each of their sites and can see and act on attacks as they happen.

Knight said there were several security problems revealed in just the past few weeks. One involved the reveal of the fact that 100 percent of the Linux base had a kernel vulnerability from 2012 code, and someone just found it last week, he said. In another, it was found that Adobe Flash has a vulnerability that allows hackers to remotely execute code on a machine, he added.

Yet while we have all become painfully aware of such security issues and the problems that vulnerabilities can create, players in the IoT arena are rushing to bring things to market so fast that they’re not taking the necessary steps to secure their solutions, he said. Meanwhile, there’s an army of hackers out there just waiting for the opportunity to expose these vulnerabilities, benefit from them and/or share them with their fellow techies.

That becomes a real problem, he noted, when people’s lives are on the line such as related to a connected car or medical device. Gaining remote control of a washing machine, he added, could potentially enable a hacker to keep the water running and flood a home or business. Hacks to the IoT could also create havoc if a bad actor were to take control of multiple connected devices and turn them on at the same time, creating overload of the power grid, he said.  

To improve security, SimpleWAN is making a big push for two-factor authentication. In fact, it will require it for all clients within six months, Knight said. Because dashboards and servers are centralized in a cloud architecture, he added, when outsiders get unauthorized access to these assets, they can control everything.

“As a cloud provider we realized that is our biggest risk,” he said.  “We’re making a big push for that, and everyone’s excited. But we expect big pushback on that.”

That’s because although people want things to be secure, they don’t want to make the extra effort to ensure security, he said. Security today is a checkbox, he added, but in the future Knight thinks security will move more front and center for IoT solutions providers and users.