What security risks does IoT bring to the corporate world?

Author:
Publish date:
james-Simoniti-gfk-main-ITCE.jpg

The Internet of Things (IoT) is one of the most revolutionary trends in technology today. It is often referenced in relation to the ‘smart home’, where household appliances, meters and devices autonomously communicate with each other via the internet and wireless signals. Yet the IoT is incredibly relevant to business too, unlocking numerous opportunities, from improved internal efficiencies to superior external products and services. But it does not come without its risks – what were once individual objects must now be seen as nodes in an interdependent system, open to more methods of infiltration than ever before. So how should businesses measure the risks of investing?

The mass connections brought by the IoT lead to a proliferation of ‘access points’ through which the system can be infiltrated; it is estimated that within two years, “more than 90% of all IT networks will have an IoT-based security breach” . Almost everything will be connected into the system, and previously ‘secure’ and ‘unthreatening’ objects/devices will become weak points. For example, there are now instances of printers being hacked – a threat that could never have been envisaged a few years ago. The consequences could be devastating if these objects and devices are tied into a greater system, infecting other ‘nodes’ as a result of their connection.

So just what is at risk? While in the home, an IoT error may simply lead to too many groceries being ordered by the smart fridge, there is much more at stake for businesses – from corporate data to human lives. With usage rates and applications of the IoT varying drastically by industry sector, we explore a few examples:

Healthcare

A key IoT application in the Healthcare sector is the ‘Patient Sensor’ – a device worn by a patient which measures important biological signs such as temperature, blood pressure and heart rate. The data collected by the device is sent in real-time to medical professionals, with any anomalies leading to an alert, resulting in the dispatch of a local nurse or carer. This increased efficiency may be especially appealing in Western countries, where an ageing population is adding significant pressure to already-stretched healthcare systems.

However, it is clear that this application of the IoT is fraught with risks. A breach into this system could lead to numerous patients being left unmonitored, with potentially fatal consequences. Due to these drastic consequences, security here is paramount.

Transport

The Transport sector’s usage of the IoT can currently be seen on railway networks. Cisco’s current offering ‘Connected Rail’ is an IoT solution, allowing customers to pay fares digitally in-carriage, while allowing management to track passenger numbers, see congested stations, track times and speeds of trains, and even stop the train automatically at certain points. All this may lead to efficiency savings, and more importantly to greater safety and fewer accidents on railways. Indeed, it has been shown that human error is the primary cause of railway accidents .

Despite these potential increases in safety, heavy reliance on the IoT system could mean a breach might lead to chaos. Minor errors could cause huge delays, and if payments are being made through the system, customers’ financial data may be accessible. Of course, there is also the potential for accidents to happen on the railway itself, again with potentially fatal consequences. So once more, security is vital in this sector.

Financial and Professional Services

While Healthcare and Transport are relatively high usage industries, it is important to contrast these with low usage industries – namely Financial and Professional Services. This ‘usage gap’ is mainly due to the benefits the IoT can bring. For the Financial and Professional Services industries, the IoT may be used for small-scale operations (such as ‘smart printers’ that automatically request ink when they run out), but there is currently no large-scale IoT solution available for operational improvements in these sectors.

However, Financial and Professional Services may use the IoT in a different way - to analyse ‘Big Data’. The data created by the IoT may provide very useful insight for these industries to help identify inefficiencies within businesses, and to highlight which sectors require investment. For example, a consultancy would be able to go into a manufacturing firm, access their IoT data, and be able to undertake a more detailed analysis of their production process, identifying where wastage is occurring.

But yet again, exposure of data within the IoT system is a real risk, potentially leading to lawsuits and lost clients (and revenue). Therefore security cannot be ignored in any industry sector – where the IoT is used, there is always a risk.

Despite the wide range of IoT applications across industry sectors, we see a single key theme emerge – the importance of security. A breach in an IoT system can lead to consequences from the theft of corporate data to endangering the lives of those with medical conditions. The consequences, coupled with the increased connection of devices in the wider system of the IoT, require significant focus on and investment in security.

Yet businesses should not be put off by the risks inherent in IoT adoption. Undoubtedly, the IoT can revolutionise the way we live, work on play both on a micro and macro level, making business more efficient, convenient and safer. It is due to this incredible potential that businesses must embrace the expansion of the IoT – or risk being left behind.

Related