The Internet of Things (IoT) movement is gaining speed at rapid rates. As a result, there has been a lot of discussion about security. Is a proprietary system or an open one more equipped to protect a company and its assets?
Proprietary system manufacturers claim their systems are more secure. After all, they have more control because their systems are closed, right? Wrong.
“It’s a fallacy to believe that because something is proprietary it is more secure,” says Allegion Futurist Rob Martens. “Proprietary systems are not more secure than open systems—in fact, I’d argue that, in many cases, they are less secure.”
Martens lists 6 reasons why open source systems are more secure:
1) Complexity doesn’t equal greater security.
“If a system is difficult to navigate—which is often the case with proprietary ones—that doesn’t translate into it being more secure, especially to a hacker,” Martens says.
2) 100% security is a myth.
“Nothing is 100% secure. If a provider is telling you their system is fool-proof, then you should be wary,” he explains. “There are holes in both proprietary and open systems. It’s the job of the integrator and the supporting IT team to plug those holes.”
3) “Security through obscurity” is not real security.
Proprietary systems rely on security through obscurity—that is, the use of secrecy in the design or implementation. Its owners or designers believe that because the system’s flaws are not known, then attackers are unlikely to find them. And that’s simply not true. “I liken that to thinking that just keeping quiet about your possessions means you won’t get robbed,” Martens says. “Keeping the source code closed might deter some hackers, but just look at the large number of successful attacks against Windows and other proprietary software. Those prove that closed systems are just as vulnerable.”
4) There is strength in numbers.
Everyone has access to the open system’s source code, which means bugs and vulnerabilities are found and fixed more quickly—closing up security holes faster. “The continuous and broad peer review, combined with publicly available source code, only improves security. Threats, defects and risks that may otherwise be missed are more apt to be identified and eliminated,” he says. “With open systems, there are literally thousands and thousands of teams working to enhance the security of the system.”
5) The collective effort leads to greater reliability.
Open source is peer-reviewed software, which leads to more reliability. The infrastructure of the Internet is largely composed of open-source programs that have proven to be both reliable and robust.
6) Only open systems can truly be audited.
Finally, with proprietary systems, you have nothing but the vendor telling you that the system is secure and adhering to standards. “With open systems, the visibility of the code—and the hundreds of thousands of eyes on it—means you can see for yourself and be confident,” Martens says. While proprietary systems offer some benefits, Martens believes that, in the end, they actually stymie growth and constrain an organization. Open platforms, on the other hand, provide the security, as well as the ease and functionality, that is a must for many businesses. “My experience has shown me that open systems are the best option for companies. While there are security concerns—because nothing is 100 percent secure—the collective efforts help integrators and companies manage risk and, therefore, offer greater security.”