As a passionate advocate for the internet of things, I have long touted its ability to deliver tremendous business benefits, even as I have remained somewhat dismayed at the slower-than-expected rate of adoption. With so many spooky headlines about cybersecurity attacks and data breaches caused by vulnerable IoT devices — from IoT-enabled thermostats to coffee makers — perhaps it’s not surprising that many businesses are still hesitant to deploy IoT technologies.
By delaying adoption, however, you risk losing out on the transformational potential of IoT — including the ability to create entirely new business models, value propositions, revenue streams and markets. The good news is that we can now see light at the end of the tunnel: Enterprises and their ecosystems are making progress in overcoming not only security challenges, but also issues with privacy, complexity and interoperability. So, in the spirit of Halloween, here are four of the scariest IoT goblins businesses face and how you can outsmart them:
Security concerns are arguably the most important factor holding back enterprise IoT adoption today. A survey of more than 600 IT professionals found that 97% believe a cybersecurity attack related to unsecured IoT devices would be catastrophic for their organization, and 81% feared such a breach was likely to occur within the next 24 months. To strengthen the security of your IoT devices, adopt a comprehensive, policy-based architectural approach that addresses the increasing convergence of IT with operational technology (OT), as well as the integration of physical and digital security. Also develop a detailed incident response and remediation plan for before, during and after an attack, because it’s not a question of if you will be targeted, but when. Finally, emphasize to your employees, suppliers and partners that IoT security is everyone’s job. From your C-suite to device makers themselves, we must all embrace an end-to-end approach to IoT security.
Hand-in-hand with security concerns come privacy concerns. Whether it’s an IoT-connected fitness tracker accidentally revealing sensitive military locations, or a Roomba potentially sharing a map of your home with would-be burglars, concerns around data privacy are very real. You must ensure that the wide variety of customer, employee and partner data collected and shared by the IoT devices in your organization is not only secure, but also protected from a privacy standpoint. You can do this by following data security and privacy best practices including data encryption, multifactor authentication and user-managed access standards that make it easier for end users to grant or revoke consent to collect, use and share their data. If you haven’t already, employ a chief privacy officer and adopt the frameworks prescribed in the European Union’s GDPR, which is an excellent model for data privacy around the globe.
A lack of industry-wide standards has also exacerbated many of the data security and privacy challenges that are hindering enterprise IoT adoption. The prevalence of legacy, single-vendor, proprietary technologies on the market have led to disparate systems, data silos and security gaps. But to experience the truly transformational potential of IoT, you must be able to use and share data from across a multivendor ecosystem.
Fortunately, a host of horizontal and vertical standards bodies and consortia — such as the Internet Engineering Task Force, IEEE and the International Society of Automation, just to name a few — have emerged and are working to develop common frameworks and architectures. IoT vendors are also working more proactively to address interoperability challenges and agree upon horizontal standards, such as whether to use Ethernet or IP to meet IoT requirements for motion and safety applications. By coming together to develop and agree upon standards as an industry, we’ll be able to not only strengthen data security and privacy, but also enjoy IoT systems that are less costly and complex for organizations to deploy.
Speaking of complexity, I see it as the last major hurdle holding back enterprise IoT deployments. Part of the reason the IoT industry is so complex is that it is not a single market — it is actually a collection of markets, sub-markets and ecosystems with nearly limitless use cases, opportunities and value propositions spanning all vertical sectors. Because IoT is so complex, no single vendor can approach it alone to create an end-to-end system that solves a business’ unique challenges. Instead, delivering successful IoT technologies requires establishing an ecosystem of partners including horizontal, vertical and geography-specific specialists who are willing to co-innovate with you. Each member of the ecosystem contributes their own particular technologies and expertise to create a comprehensive, end-to-end business system.
For example, horizontal specialists ensure scalable, interoperable and cost-effective technologies, such as providing the unified, standards-based network infrastructure on which the IoT application will run. Vertical specialists could be a vertical market systems integrator who can tailor a system, make sure all IoT components interoperate and can integrate them with existing or new business processes. And, geographic specialists enable hyper-local IoT deployments, helping you consider local environments, laws (like data privacy regulations), economics and use cases. The key is to take a co-innovation approach, working with your ecosystem of partners while always keeping the customer’s needs at the center of your focus.
Despite the frightening headlines of data security and privacy breaches, the reality is that when done right, IoT has the potential to transform not only enterprises, but entire industries, economies and even our societies. By adopting strong data security and privacy protections, establishing industry standards and working together with a broad ecosystem of partners, we can scare away the spooky goblins that have held back enterprise IoT adoption and develop business systems that deliver transformative results.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.