Why Are Some Businesses Reluctant To Adopt The Internet of Things?
Although personal users are beginning to embrace the ‘Internet of Things’ (IoT) with vigour (Gartner predict there will be 26 billion installed units by 2020), businesses have been slightly less enthused by its potential – why?
The most stated reason by professionals is security issues; a recent GFI Software survey of 202 IT administrators discovered that an increased exposure to ‘existing and undiscovered threats’ was the greatest concern about IoT adoption. The survey claims that more than 75 percent of IT administrators would need to alter their security protocols in order to accommodate the changes in infrastructure which the IoT would bring about – including revisions to policies about employee connectivity.
It’s a view echoed by Nick Evans, Vice President of the office of the Chief Technology Officer at Unisys. “As IoT becomes more autonomous, potential cyber-vulnerabilities increase”, he said. “The potential for sabotage increases too, because these systems are often unprotected it’s relatively easy to move through them”.
The biggest problem is with the increased number of access points. While an average company may current have a total number of access points in the hundreds, the IoT could expand this into the thousands. Ultimately, each point needs to be secured – otherwise everything from in-car entertainment systems to your fridge at home could provide route into a company’s most important and valuable systems.
In truth, it is difficult to blame businesses for their stance. Cyber-attacks such as 2011’s Stuxnet worm and 2012’s Duqu Malware managed to cripple power and industrial systems whilst also stealing valuable data and intelligence. They left computer control systems devastated and ultimately severely impinged on companies’ bottom lines – making decision makers wary of further threats which they believe will become more common as the IoT grows.
Device Management Concerns
Another one of the major concerns raised by the survey respondents was device management. Sergio Galindo, General Manager of GFI Software’s infrastructure business, claims that although most businesses have some visibility into their connected devices, many do not monitor or regulate them. He points out that if Gartner’s prediction of 26 billion units comes to fruition, the number of potential flashpoints for problems is huge because the units will have chips that communicate with much larger systems. “How do you know they’re working, and who’s responsible when these [units] fail?” he asks. “IT departments have the responsibility, but not the capability, to manage them”.
The solution, it seems, is the development of global standards. Currently organisations around the world are trying to develop frameworks upon which these standards can be designed – but it’s a long and arduous process which needs to address such wide ranging issues as privacy, inter-device communication, what information is stored, and how information is managed. GS1 Auto-ID Labs recently told the US Federal Trade Commission that without these standards, proprietary or regional standards may evolve – thus threatening interoperability and locking purchasers to their vendors. “There is a strong need for global standardisation to reduce region-specific barriers to adoption”, they said at the time.
If the development of global standards are successful it could mark the first steps on the road to global IoT ubiquity – it would make it simpler to manage IoT devices and reduce the vulnerability of businesses to hackers. Until that time, businesses that want to embrace the IoT will have to create their own security procedures and hope that they are thorough enough to fully protect them.
By Daniel Price