@ThingsExpo Authors: Yeshim Deniz, Liz McMillan, Kevin Benedict, Zakia Bouachraoui, Pat Romanski

News Feed Item

As M2M Use Skyrockets to Support Internet of Things, Global Study Finds Security Not Keeping Pace

IT Admins Disagree on Level of Security, Priorities and Responsibility for Remediation

HELSINKI and WALTHAM, Mass., Feb. 24, 2014 /PRNewswire/ -- Every day, countless invisible machine-to-machine (M2M) transactions and processes power automation of critical business and operational processes across industries. However, even as automated processes become the dominant mode of computing – outstripping the traditional model of interactive human-to-computer transactions – M2M security is often overlooked or misunderstood.

These findings are the results of a commissioned study conducted by Forrester Consulting on behalf of SSH Communications Security, known the world over as the inventor of the ubiquitous secure shell and SFTP protocols. The study surveyed 151 US enterprise IT decision-makers responsible for IT security in financial services, the federal government, retail, manufacturing, utilities/energy/waste management, business services, and high-tech (hosting and cloud services providers) industries.

The study found that the rise of machine-to-machine (M2M) connections within data centers across industries has far outstripped the awareness of organizations about how best to secure them, resulting in a misalignment of security and compliance priorities that is placing organizations at risk.


Organizations expect to increase their volume of M2M transactions.

  • M2M processes are used by virtually all organizations, and sixty-two percent of organizations expect to increase their use of M2M processes over the next 12 months.
  • More than half of the financial institutions surveyed currently use M2M connections for billing.
  • Fifty percent of respondents currently use M2M for logistics management and customer service.

M2M security is not seen as a high priority despite its role in data security

  • Despite wide usage of M2M transactions and processes to power critical business functions, organizations are not paying adequate attention to M2M security.
  • Few organizations appear to make the connection of robust M2M security as an important component of data security strategy – a top priority for many firms. 
  • Sixty-eight percent of respondents said data security was a critical priority, while only 25 percent said the same about M2M security.

Secure Shell Used Widely to Secure M2M Processes, but Management is Lacking

  • Organizations depend on Secure Shell for a number of uses, but are challenged to adequately manage Secure Shell keys in the network, leaving keys open to theft.
  • Financial institutions and hosting/cloud providers are the most likely to use Secure Shell to secure M2M communications.
  • Financial institutions are the least likely to say they have no Secure Shell access control issues (29 percent) while government institutions are most likely to say that their Secure Shell situation is fine (65 percent).
  • Tellingly, 65 percent of respondents said they centralize Secure Shell key management, while an equal 65 percent admitted that responsibility for Secure Shell management is shared among individuals.


Tatu Ylonen, CEO of SSH Communications Security and inventor of the SSH protocol, said: "As organizations across all sectors embrace the concept of the Internet of Things, enabling more objects and sensors to communicate to support new business models, the need to secure automated M2M connections is increasingly critical. However, misunderstandings regarding how best to secure M2M transactions – and whose responsibility it is to do so – have placed organizations under significant risk of data breach. We commissioned this study to discover how financial institutions, enterprises and government agencies perceive their M2M security needs. We discovered that they must take bold steps to evaluate the scope and strength of their M2M security strategies if they are to prevent data theft and comply with industry standards."

"The Rise of IT Automation and the New Security Imperatives: Growth in M2M Processes Requires a Fresh Approach to Security," published Feb. 14, 2014 by Forrester Consulting.

About SSH Communications Security
Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe - including seven of the Fortune 10 - trust our Security and Access Management Platform to secure the path to their information assets. We enable and enhance business for thousands of customers in multiple industries in the private and public sectors around the world. A fast-growing company, SSH Communications Security operates in the Americas, Europe, and APAC regions, with headquarters located in Helsinki, Finland. The company shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. 

For more information on SSH Communications Security please visit http://www.ssh.com

Corporate Contact:

Media Contact:

Jason Thompson

Peggy Tierney Galvin

SSH Communications Security

Nadel Phelan, Inc.



[email protected]

[email protected]

SOURCE SSH Communications Security

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Rodrigo Coutinho is part of OutSystems' founders' team and currently the Head of Product Design. He provides a cross-functional role where he supports Product Management in defining the positioning and direction of the Agile Platform, while at the same time promoting model-based development and new techniques to deliver applications in the cloud.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...
Rafay enables developers to automate the distribution, operations, cross-region scaling and lifecycle management of containerized microservices across public and private clouds, and service provider networks. Rafay's platform is built around foundational elements that together deliver an optimal abstraction layer across disparate infrastructure, making it easy for developers to scale and operate applications across any number of locations or regions. Consumed as a service, Rafay's platform elimi...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
In today's enterprise, digital transformation represents organizational change even more so than technology change, as customer preferences and behavior drive end-to-end transformation across lines of business as well as IT. To capitalize on the ubiquitous disruption driving this transformation, companies must be able to innovate at an increasingly rapid pace.
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Ca...