This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
IoT Spells Opportunity... or Risk
C-level executives often target easy or fast hits, yet these improvements don't come without a cost -- and by that I don't just mean money but the impact on IT as well. Many things can go wrong when management expectations don't align with IT reality, as can be the case with Internet of Things.
IoT is, in part, about simplifying complex processes involving things like the movement and placement of people, vehicles, assets, and products. The matrix below, from Forrester Research, reveals key areas for IoT adoption by industry and application.
As with any venture, however, organizations will have to weigh cost and risk factors against potential payoff for IoT. A key challenge will be security; as more manufacturers embed simple code and tools for managing via the Web substantial compromises might arise.
For example, I've previously written about tradesmen deploying HVAC, lighting, sprinklers, and other gear openly with default passwords and without IT vetting the vendor's configuration (see "Bad Idea: Ignoring IoT Security"). And, the ease of logging into gear on customer networks never ceases to amaze me. So much equipment -- printers, smart displays, smart TVs, video controllers, LED lighting, and more -- is readily accessible... and this means an easy target.
The second challenge I see is in finding qualified vendors with the IT skillsets to properly deploy an IoT solution into an organization's infrastructure. This is why many mistakes occur, with improper installation causing infrastructure damage. Unfortunately, businesses that don't have onsite IT support don't always know immediately of the consequences or impending problems associated with security compromises.
Many of the wares that I see have one or maybe two security features: 1) they limit admin access via username and/or IP address, and 2) they require a separate software tool that must access the IP interface to program or initiate commands to the devices. The endpoint devices often lack much more than the programming interface. The onsite gear, switches and VLANS using access control lists and firewalls, can prevent numerous areas of compromise with IoT deployments. While some of these solutions are compelling, customers continue to get seduced by the benefits and forget about the true costs associated with deploying a technology that could become more than a burden.
The last area that passes unnecessary risk or burdens onto businesses is the installing company's remote access. Who controls the credentials and does the customer have the ability to disengage? Without IT's involvement -- which occurs more than you may think -- companies want to plow ahead and accomplish a project to claim an award or a benefit. This temptation to keep going without IT addressing the requirements will land customers in the news while they face increased liability and potential losses.
IoT poses incredible opportunity, but some organizations too quickly forget about responsibility as they eye the potential savings or benefits.
Follow Matt Brunk on Twitter!