The double-edged sword of IoT

, The double-edged sword of IoT

Ian Shearman, Managing Director at KCOM NNS, discusses why the internet of things is fast becoming a double edged sword

The Internet of Things (IoT) is set to bring revolutionary changes to the way we live, work and play. Billions of devices will have the ability not just to communicate with each other, but also to react to the world around them seamlessly, ultimately improving human experience. Think smart fridges that can tell when milk needs replenishing, and autonomous cars that seemingly just ‘know’ the best route to take. It’s predicted that within the next year, 90% of cars will be connected and global spending on IoT will hit $1.7 trillion. There’s no denying that the more embedded the IoT becomes in our lives, the higher our expectations of technology will be.

The potential of IoT for businesses

IoT is opening up unprecedented possibilities in the business world.With the advent of cloud computing, combined with IoT-enabled smart devices and applications, the standard 9-5 workplace set-up is becoming a thing of the past. Businesses now have the opportunity to create a holistic network infrastructure with all technology embedded into the same solution, employing cloud and SD-WAN or hybrid WAN capabilities to optimise their operations and service delivery. With network configurations and updates mostly automated, this more streamlined, seamless approach will enable businesses to enhance relationships with ever more demanding customers and employees.

The pace of change has never been faster. By 2020, it’s predicted there will be 50 billion connected devices and five million new applications built to support them, all generating data. IoT means greater insight into customer behaviour, giving savvy businesses the opportunity to respond with targeted strategies from branding to shop layouts, new products and services.

IoT also has the potential to drive significant operational efficiencies. Intelligent smart devices will interact with our surroundings and save time on numerous standard interactions such as coffee and stationery orders, along with practical, location-specific activities such as monitoring fridge temperatures in clinical environments. Sensors and tracking devices mean services like heating and lighting can be controlled remotely and automatically. Not only that, but energy will become cheaper as a result of smart grid coordination optimising its delivery to connected workplaces. The data collected from day-to-day operations will then be fed back to the grid, promising a more cost-effective and sustainable model for any business.

What are the pitfalls of IoT for businesses?

While the benefits of a new connected world are clear, what’s less well understood are the risks of this astronomical volume of data. Arguably, the biggest challenge of the IoT will be the risk to security and privacy – already there are concerns about ease of hacking and the potentially disastrous consequences this could have on businesses.

At its heart, IoT is concerned with collecting, analysing and using data.It offers the potential for a global view across the whole of an organisation, with unprecedented insight into customer behaviours, business operations, individual working habits and more. While it’s easy to see why businesses are excited at the potential to gain valuable data-driven insights, access to data on this scale can also present major risks.

Infinite new connections between devices are potentially leaving the back door open in terms of security. As well as an increased chance of security breaches, growing reliance on a rising number of applications also means an increased potential for damage in the event of a breach.

Combining new technology with legacy infrastructures can be a tall order and – without the right strategy in place – can create problems that are difficult to repair. Cyberattacks have become so sophisticated that no business is immune, regardless of its size. Data hacking is a very real threat and businesses that ignore the idea must open their eyes to reality.

How to protect your most valuable data

As the IoT revolution gathers pace, organisations need to think carefully about data protection policies that will meet their own and their customers’ needs. Maintaining a solid IT security posture is an ongoing task requiring continuous action and review. Businesses must adopt a less passive attitude to security and become more active and preventative. It is no longer sufficient to retrofit cybersecurity; it must be planned up front in order to be effective. This is a time where taking a ‘security by design’ approach rather than ‘by addition’ is crucial.

It’s impossible to prevent hackers getting in, but organising data using encryption is the best way to protect sensitive or private files. Creating an impossible maze of navigation distracts and confuses potential hackers and creates a challenging and time consuming process, impeding them in their tracks.

A robust security strategy must be at the core of every network. With an ever-increasing reliance on data, it is critical that protection and security surrounding confidential personal data is a fundamental part of any business model and that it is monitored constantly to minimise the effects of potentially devastating security breaches.

Why workplace culture is critical to security

Although essential, technology-led data security solutions are only one piece of the jigsaw. An organisation’s security culture is the foundation of its data security programme. The reality is that humans are the weakest links in any organisation; while computers will do as we programme them to, humans do not, which makes the need for a security framework even more crucial. According to Verizon, human error is the root cause of close to one in five data breaches and, while almost three-quarters of attacks are perpetrated from outside an organisation, more than a quarter involve insiders.

It is critical to embed security values into an institution’s culture, and for action to replace rhetoric – an engaged workforce is more likely to feel accountable and take responsibility for security issues. Employees are often pinpointed as targets to obtain data, which makes the need to educate colleagues on cybersecurity all the more important. Awareness of what an early “phishing” attempt looks like, for example, could prevent a fatal business attack.

An organisation’s security culture requires ongoing care and maintenance. When this security culture is sustainable, it will transform security from a one-time event into a way of working that will forever generate a return to a business. For employees, there must be a focus on continued awareness. Security training should not be treated in isolation; instead companies should commit to regular sessions for their people across all areas of the business to boost confidence and performance.

Businesses are set to benefit from the IoT in a myriad of ways and, while it is encouraging to see some embracing all that technology has to offer, the risks that IoT pose shouldn’t be ignored. Only when a robust security strategy is in place can organisations truly capitalise on new technology, safe in the knowledge that they have taken steps to protect their ongoing operations against the potential threats that the new connected world brings.