Value and Security in the Internet of Things

In between producing one after another commercial extolling the value of the Internet of Things, Cisco has generated a report focusing on a value of a more monetary kind.  Their Trend Report, jointly released with DHL, estimates the IoT to generate $8 trillion in Value at Stake over the next decade.  For the supply chain and logistics industry: $1.9 trillion, which will have “game-changing consequences” for any organization that deals with warehousing, freight transportation, and other such operations.  Overall, the report predicts 50 billion connected devices in 2020, versus 15 billion today.  In short, it will be a tremendous windfall and a technological revolution for both businesses and consumers alike.  Maybe not as dramatic a change as the Neolithic or industrial, but significant all the same.

As with any major new enterprise, however, especially one as inevitable as IoT, we’re faced with numerous challenges.  There are issues, for example, of IoT’s potential—of optimization, synergy, and taking full advantage of the Metcalfe effect, which exponentially increases a network’s values in relation to the number of users—issues discussed at length by Dave Evans at TechCrunch. 

Aside from that, though, there are still pressing security concerns that haven’t really been dealt with before by data center operators, not to this extent.  One such concern results from the fact that many smart devices will be made by third parties, thus complicating processes of control and risk assessment/mitigation, as many of these devices will be connected to enterprise networks.  According to research firm, Gartner Inc., data center operators should partner with device manufacturers, and understand that security must be a part of IoT’s very infrastructure, as a possible solution to this problem.

Even then, the lack of users controlling the end point of many of these devices complicates attack response measures.  Particularly if the security system used for the data center is itself connected to other devices.  As with BYOD (Bring Your Own Device) policies creating a new risk for companies by allowing an unsecured mobile device to connect to the network, if the tools used to manage the data center are no longer separate from the system, a similar vulnerability could be created.  A new access point to “spark someone’s imagination,” as Jeff Wilson of HIS Technology puts it.  “The ability to rapidly respond to a breach or threat is still a major challenge,” concludes Mike Sapien, Ovum analyst.

You never know who is accessing your data, or where, or how.  Not until it’s too late, anyway.  The title of the TechCrunch article is “We Need to Get the Internet of Things Right.”  I agree, but before we can realize its full potential and functionality, we need to get the security right, too.

By: Jonathan Weicher