Internet of Things projects can yield data and insights that help
companies operate more efficiently and improve products, but they also
give hackers additional targets to attack.
Expect more malware like Stuxnet, a worm that went after Siemens
industrial control systems and mostly infected computers in Iran, said
Alan Tait, CTO of Stream Technologies, a London company with technology
that enables machine-to-machine communication.
"As we connect more things to any form of the Internet, even if there's security, people will still go after them," he said.
Tait, along with other speakers on different panels, appeared at the
LiveWorx conference in Boston on Wednesday to discuss how companies are
handling IoT security issues and finding value in linking devices to the
Internet.
Often, corporate security policies mainly focus on securing hardware
that workers use. With IoT, the security perimeter extends to devices
operating outside of an office that link to critical systems, a point
companies miss, said Sunder Somasundaram, director of global IoT sales
at AT&T.
"It's amazing how many employees will lock down their employee's laptops
but they have devices in the field that talk back to their data
centers," he said.
While keeping data safe is important, sometimes businesses may
over-think security, said Syed Hoda, CMO at ParStream, which provides a
data analytics platform for IoT systems.
"There's some data you have that nobody really cares about," Hoda said,
adding that companies need to "get smart" about what data matters.
The focus needs to be on securing data that, if exposed, can damage a company, Stream's Tait said.
Much of the innovation going on in IoT comes from small companies, which might not have security as a priority, panelists said.
Companies need to look at how data travels through their IoT networks
and figure how to keep it safe, both on site and in the cloud, said Alan
Atkins, vice president and global head of IoT at Wipro.
While data that's sent to a cloud needs to be secure during transit,
taking that step "doesn't make sense" if the cloud handling the data
isn't secure, noted Andreas Laumann, chief software architect at Exceet
Secure Solutions.
Meanwhile, IoT has received a lot of hype, but "the reality is some
things are coming to life," Par Stream's Hoda said, mentioning that some
insurance providers are offering customers IoT devices to place in
their car to monitor driving, and offering policies based on the data
they collect.
"When it makes money and people like it, there's value," Hoda said.
Some businesses that have launched successful IoT projects include an
Australian mining company that remotely operates heavy equipment in
isolated areas. This allows the company to operate in more dangerous
locations without threatening worker safety, said Allan Alter, senior
research fellow at the Accenture Institute for High Performance.
Airbus applies RFID tags to airplane seats, life vests, galley carts and
other components found in an aircraft's interior to cut back on
assembly time, said Tim Butler, CEO of Tego, which supplies the aircraft
maker with the tags.
Hoda suggested companies appoint a "chief IoT officer" since such projects have results that lie outside of the CIO's domain.
"IoT isn't an IT project. It's a business project that uses IT," he said.
To reap benefits from IoT projects, companies need to quickly use the
data they collect, Hoda said, citing ParStream research that looked at
the return their customers saw on IoT investments. Companies that were
faster to react to the data saw returns on investment, he said.
No comments:
Post a Comment