Who's Afraid of the Big Bad IoT? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Data Management
07:00 AM
Connect Directly

Who's Afraid of the Big Bad IoT?

In an atmosphere of fear about IoT security and privacy business should be aware that if an IoT project seems promising, it may be worth the risk to push on, as long as security is at the forefront.

If I didn't know any better, I'd think that the Internet of Things (IoT) was worse than the big bad wolf, creepy clowns and the IRS all rolled into one. What once was thought to be the next great evolution in the enterprise, has all but stalled out in both the private and public sector.

Image: Kane513/Shutterstock
Image: Kane513/Shutterstock

Much of this is thanks to the poor press that IoT has seen as of late surrounding data security. It then begs the question: Are our IoT fears truly justified? We're going to explore that complicated question today to get to the heart of why many enterprises are second guessing their IoT ambitions -- and why giving into IoT fears may not be the smartest decision to make.

Just to be clear, it was consumers that were first to embrace the IoT trend -- and the primary reason why we fear it in the enterprise. Everything from smart thermostats, to smart garage door openers, smoke detectors and doorbells have flooded the consumer market. But many budget and no-name brands being manufactured overseas were in no way designed with security in mind. The vulnerable IoT devices were easily infiltrated and turned into massive Distributed Denial of Service (DDoS) botnets. The most famous use of an IoT botnet to date was the DDoS attack on DNS provider Dyn, in October of 2016.

Yet, we must keep in mind that enterprise IoT is vastly different from consumer IoT. Not only are enterprise IoT devices hardened with an individual hardware and software perspective, IT architects responsible for designing IoT infrastructures have been taught to use an overarching, “security first” methodology for these types of projects. Therefore, security is not only baked-in to the IoT data collectors themselves, but also along the entire data pipeline. IoT projects that transport sensitive data will no doubt include security measures such as centralized authentication/logging, end-to-end encryption, and automated patch remediation processes to rapidly fix newly discovered security holes while deployed in the field.

Another thing for IT leadership to consider is the traditional risk vs. reward decision making process. In many business verticals, IoT projects can be used to create significant competitive advantages. A fear of IoT is expanding the window of opportunity, since many enterprise IoT projects have been put on hold due to concerns over data security. But if the project seems promising, it may be worth the risk to push on, as long as security is at the forefront. Often in the enterprise, we have to embrace fear and accept a certain level of risk. That's what business is all about. Don’t forget, early adopters once used the cloud to gain competitive advantages. That window of opportunity is now closed.

Personal data collection issues are another worry for business leaders. While this indeed is something to be made aware of, it too can be overcome. When the concept of big data and IoT first came along, the idea was to simply cast a wide net, collect and store everything you can – and then figure out what to do with that collected data. But with issues of personal privacy – especially if you are collecting data on customers – this is a poor approach to take. Instead, a better method is to collect specific data points that are useful, but also protect one’s right to privacy. Doing so will not only streamline your IoT project, but it will help gain the trust of your customers as well.

Here’s the bottom line: if you have the right IoT project in mind, concerns over data security should in no way stop you in your tracks. Yes, IoT is a bit scary, but fear is often something considered illogical -- or something we simply need to better understand and respect. In either case, a fear in enterprise IoT can easily become a boon for your organization, if properly handled.

Andrew has well over a decade of enterprise networking under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-outs and prior experience at organizations such as State Farm Insurance, United Airlines and the ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll