Enterprises Failing to Secure M2M Transactions
-
M2M Transactions Expected to Rise
62% of organizations surveyed say that securing M2M transactions is important, and they expect to increase such transactions during the next 12 months. -
Data Security Is Top Priority This Year
96% of IT decision-makers say data security is a priority, whether it is intellectual property, trade secrets, corporate financials or customer data. -
Compliance Drives Investment
Compliance supersedes M2M drivers, like efficiency gains or alignment to business priorities, but challenges exist. -
Top Challenges to Compliance
48% of U.S. IT security decision-makers say implementing the proper controls is difficult. And 37% are unclear about the scope of compliance requirements. -
So M2M Security Remains Inadequate
Few organizations appear to understand that security is an important component of data security strategy, according to the report. -
M2M Seen as Merely Supporting Manufacturing
M2M is commonplace across numerous industries, however, for field-service requests, remote monitoring, logistics management, customer service and support, and it drives functions like billing, inventory management, backups, failover and disaster recovery. -
Big Data Drives M2M
As enterprises deploy big data, they are becoming increasingly reliant upon it. Big data processes are built onto M2M authentication and data transfers. -
Secure Shell Management Lags
82% of respondents say they use Secure Shell (SSH) usually to transfer data from one machine to another and for administrator access control. But it can also be used to secure M2M transactions, like automated backups and application developer access to test systems. -
Monitoring and Reporting Use of SSH
42% of organizations say they monitor and log activities of privileged users. 34% say they can generate reports on how many SSH keys are deployed and why. -
Recommendation: Understand Usage
Cope with SSH sprawl by understanding how and where you use it. Start by learning SSH identities, trust relationships, users and administrators. -
Recommendation: Treat Machine Identities Like User Identities
Ensure that your compliance and security can account for on boarding, off boarding, and monitoring of machine-based identities and credentials. -
Recommendation: Look for SSH Usage Patterns
This helps protect automated M2M transactions. The Internet of things will require improved security, especially the connections between devices and their interfaces.
Even though automated processes, called machine-to-machine (M2M) transactions, are overtaking human-to-computer transactions, M2M security is often overlooked, according to a new report by Forrester Consulting. M2M is used in applications such as billing, customer service and support, building automation, and digital signage. SSH Communications Security, inventor of the Secure Shell and SFTP protocols, commissioned the Forrester study, which surveyed 151 U.S. enterprise IT decision-makers in financial services, government, retail, manufacturing, utilities, business services and cloud service providers. The study found a "misalignment of security and compliance priorities placing organizations at risk." SSH CEO Tatu Ylonen says financial institutions, enterprises and government agencies "must take bold steps to elevate the scope and strength of their M2M security strategies if they are to prevent data theft and comply with industry standards." To read the full report, "The Rise of IT Automation and the New Security Imperatives: Growth in M2M Processes Requires a Fresh Approach to Security," click here.