A new report compiled by independent analysts Quocirca finds that businesses understand the benefits of the Internet of Things (IoT) but are concerned over data volumes, which will start to overwhelm their networks in 2016, and their ability to secure and analyse the data collected.
The report, found that while a small number (14%) of those polled think the IoT is overhyped, and wouldn’t affect them, the overwhelming majority say the IoT is already impacting their organisations (37%) or will soon (45%). When the survey looked at IoT uptake there were some real differences between the take up of IoT when it was driven by IT and when it was driven by the line-of-business (LoB). Where IT was in the driving seat the average take up was high (29%), with 50% of transport businesses already using IoT and 30% of retail businesses. When LoB took the reins, overall take up shrank to 19%, with manufacturing taking the lead (40%), followed by transport (30%) and retail was at just 10%.
The overall concerns over IoT were principally around three main areas; the networks being overwhelmed by the data volume produced, the inability to analyse the data produced and a lack of standards in IoT. However, they are taking actions to address these concerns, including deploying network edge processing to reduce data at the core, new business and operational intelligence tools and integration with enterprise applications, such as ERP systems.
As with general concerns, data related issues top the list of security concerns, with customer privacy, narrowly leading over the expanded attack surface that that will be exposed as more IoT applications are deployed and regulatory controls.
In general they identified four broad security groups:
- Data protection: many devices gather sensitive data, so its transmission, storage and processing needs to be secure, for both business and regulatory reasons.
- Expanded attack surface: more IoT deployments mean more devices on networks for attackers to probe as possible entry points to an organisation’s broader IT infrastructure.
- Attacks on IoT enabled processes: hacktivists wanting to disrupt a given business’s activities for some reason will have more infrastructure, devices and applications to target.
- Botnet recruitment: Poorly protected devices may be recruited to botnets.
When it comes to security and IoT you have two choices you either secure the endpoints or the aggregator level. Nearly half (47%) of respondents are already scanning IoT devices for vulnerabilities, and another 29% are planning to do so. When asked about the capabilities they feel are most important for authenticating the identity of devices, nearly all see DNS services as playing an important role, with the most experienced users supplementing these third party registry and IoT database services.
In terms of design and architecture for security, two-thirds (66%) see viewing IoT deployment being a series of hubs that interoperate with spokes on closed networks, making network configuration and security more manageable.
“Sceptic or otherwise, the IoT is now relevant to all organisations. Whether IoT applications are deployed to help IT function, driven by lines of business or through devices introduced by end users, various practices will need adapting to accommodate the millions of things involved which will, over time, dwarf the number of traditional IT endpoints,” explained Bob Tarzey, Analyst & Director, Quocirca. “These challenges can be minimised through thoughtful design and the use of hubs, in addition to new networks, management tools and security capabilities to get the most out of the IoT. Quocirca’s research suggests that the cost of supporting investments can be justified by the business value derived from newly IoT-enabled applications.”
While the report is downbeat in parts the overall view is that IoT is happening and concludes that businesses are already putting money aside and spending time to capitalise on it.
Are you prepared are you a sceptic or do you believe in IoT let us know?
The full report can be read here