The Internet of Things has been in the news, home security systems, connected cars, smart cities, and environmental controls. Less publicized, but no less important, is IoT in manufacturing and other enterprise applications. IoT technologies are surfacing faster than government and other organizations can keep up. Weaknesses are already evident with standards, interoperability, security and privacy, and legal and economic issues. If you thought IoT is about deploying sensors and controls and processing the data, you have underestimated the impact of IoT. If you are new to IoT, I explain what IoT is in Are You New to IoT?
The 3rd Annual Internet of Things (IoT) Global Summit was held in October in Washington D.C., and focused on the policies, legislation, and applications of IoT. This summit was less about technology and more about the issues that will benefit and potentially harm organizations and citizens.
There were three areas covered at the event that I think will be of interest. Each topic raises questions that need to be addressed. The answers to the questions will accelerate or slow down your use of IoT. Evaluate the questions. If you are planning or implementing IoT networks and applications, you need to answer the questions to your satisfaction before proceeding.
Security for IoT
In order to deliver the benefits that IoT technologies offer and gain business and consumer trust and confidence, it is important that stakeholders (service providers, vendors, users, government agencies, educational institutions) collaborate to tackle and resolve the vulnerabilities.
The National Security Telecommunications Advisory Committee (NSTAC) in the U.S. reported last year that IoT has several security factors that both public and private sectors should consider. One session at the summit covered the report recommendations and where the industry stands regarding the implementation.
Current industry efforts around IoT security need to be on a global scale. We travel too much and communicate across borders all the time, so domestic solutions will not be enough. The following questions were proposed:
- How is security defined for different IoT stakeholders?
- Will developers of IoT products implement appropriate levels of security and ensure best practices uniformly or go their own way?
- Are IoT technologies delivering enough to ensure security?
- Is security in the IoT design or is an afterthought?
- How challenging is it to secure an IoT device? Can devices be used to deliver malware?
- Will IoT be in catchup mode like most IP applications today?
- There will be many solutions and innovations developed. Each will have its value, but will they be combined into one solution set for all the stakeholders or will dominant vendors like Cisco and Microsoft promote their proprietary solutions?
- Should there be a more standardized approach to IoT security, and if so, who should produce them? Standards committees are famously slow. Would you trust government agencies, that is, if there could be common agreement?
IoT in the Financial Services Industry
IoT is impacting the financial services and insurance sectors, producing benefits for both providers and their customers. Insurance firms are now able to monitor driver behavior to determine car insurance rates. Panelists in an event session discussed the unique challenges for those companies in the banking and insurance sectors, and identified current solutions and key players.