Developing cutting edge commercial IoT technology means being at the forefront of the high-tech industry. As part of this movement, we are hearing much talk about what it means to build next-generation high-tech field service IoT technology, and what the seemingly limitless potential could bring to enterprises of all industries. Innovation is being driven by strategic implementation of AI, machine learning and deep learning, helping bring field service capabilities and end-user convenience to new heights.
Optimizing data collection
Field service technology is unique in that it serves as a connection between end-user devices and the entire enterprise supply chain; operating at both the near and far edges. When servicing end-customers in the field, these IoT devices not only use data aggregated throughout end-device analytics, but they also generate ample amounts of data in their own right. Field service devices provide all enterprises with a gold mine of data that can be repurposed to help further optimize future and existing customer interactions, streamline supply chain operations, and further develop field service IoT device capabilities to best fit customer and enterprise needs.
For example, consider cable providers: Field service technicians are naturally required for the installation and maintenance of cable boxes, routers and other home connectivity devices. These interactions between field technicians can be optimized through AI and machine learning technologies, which crunch the data that is gathered through each customer interaction.
This data can help companies develop AI-driven field service devices that are able to understand and evaluate individual situations in real-time. By understanding both the profile of the end-user and the device history, field technology IoT devices will be reimagined through the ability to predict what tasks will be required from the technician, prior to arrival on-site. This will drastically reduce the amount of time needed for diagnostics during maintenance and repair, and will make for a better experience for the end-user as well as the technician.
Reducing energy waste through IoT innovation
Building management also has the potential to be impacted by high-tech innovation in the field service sector. If you take one specific industry field application, such as a data monitoring center, you’ll see that IoT is responsible for controlling some of the physical attributes of the center itself. Specifically, IoT controls the temperature, humidity and other things that make the day-to-day aspect of the center more comfortable for employees.
Building management device innovation can be beneficial to all companies. Many businesses have integrated IoT into the building management support, significantly reducing power consumption. This integration allows companies to proactively shut down systems that they didn’t even realize weren’t being used to reduce their own energy waste. Thus, IoT and high-tech in field technology keeps the process and operations as optimal as possible.
Challenges with incorporating IoT and high-tech
While the benefits these technologies bring to companies can be exponential, there are also challenges and minor inhibitors that might make the technology seem less glamorous to some. Optimizing and maximizing field service IoT device capabilities is still a work in progress. Part of this is due to a reliance on legacy infrastructure and minimal high-tech investment.
As these organizations continue to undergo their digital transformational journeys, they will ultimately understand the importance of building new digital infrastructures. By building a high-tech infrastructure, businesses will be able to truly reinvent their products, services and internal operations, including field technology IoT integration.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
From monitoring our driving habits to tracking our location, connected cars know our every move. With a black box or event data recorder collecting information inside 96% of automobiles, modern cars are as much a computer as they are a means of transportation.
However, many drivers and passengers aren’t aware of the privacy risks that come along with connected cars. Personal data stored in cars is not always encrypted, or subject to legal restrictions.
While details such as seat-belt use, speed, and braking are proving be to useful for insurance companies and law enforcement, personal information including phone contacts and text messages could also be collected without a person’s consent.
Connected cars on trial
In most countries, police only require probable cause to search vehicles and are not obliged to obtain a warrant before downloading data. The legality of this has already been tested in the courts.
Such cases call on individual courts to decide whether laws dating from before the digital age should be extended to let police gather more information than was originally intended, according to the American Civil Liberties Union. In the absence of universal legal protections, the problem will continue. Every new technology and connected device will bring up the same challenges.
Manufacturers promise security
Under regulations like EU GDPR, customers have a right to expect information will remain private unless they expressly give their consent. This puts the responsibility on the vehicle manufacturers to build appropriate security measures that will protect an individual’s personal data.
Advanced driver assistance systems (ADAS) such as collision avoiding automatic brake systems provide higher margins for manufacturers. The market for ADAS is expected to grow by more than 10% every year and reach $67 billion by 2025. Manufacturers have every incentive to ensure that these systems comply with data protection regulations and keep sensitive customer data secure.
So far, about 20 carmakers have signed up to build systems featuring built-in security. The plan is to give car owners the ability to manage the data collected in their vehicles, and obtain customer consent to use location and biometric data for marketing.
Encryption drives data protection
To better protect customer data, auto manufacturers will need to introduce encryption technology into their vehicles. VPN software can effectively encrypt data within the vehicle and as it passes over the Internet. By creating an encrypted tunnel for data communications with the auto manufacturer or smart city system, a VPN renders personal data indecipherable and protected from cybercriminals.
Overall, as advances in connected car technology and next generation bandwidth inevitably increase, the number of cases in which personal data in vehicles is analysed without the owner’s consent will continue to occur. To prevent this, manufacturers must take the proper measures to meet data protection laws. Implementing VPN software can ensure that personal information stored in event data recorders and central computer systems is secure, and safeguarded from unauthorized parties.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
The Ponemon Institute published its annual report on third-party IoT risks in May, 2019. The report focused on identifying what companies do not know — or understand — about the risks inherent to IoT devices and applications, particularly when used by third parties. The report drives home the fact that, although integrators and end users understand that it is important to protect connected devices, many do not understand the full landscape of threats that these devices face.
Concerningly, the Ponemon report indicates that the percentage of organizations that have suffered a data breach, specifically because of unsecured IoT devices or applications, has risen from 15% to 26% in the past three years alone; a number that Ponemon points out is likely low due to the unfortunate reality that it is often difficult to recognize when a breach has occurred.
Perhaps more importantly, the report also notes that the percentage of companies experiencing data breaches caused by unsecured IoT devices or applications belonging to third parties has risen from 14% to 18% since 2018, and cyberattacks caused by those devices have risen from 18% to 23&. These numbers underscore the fact that even the most secure network can be compromised by failing to properly vet third-party suppliers, and securing your supply chain is often as critical as securing your devices.
Built-in security is key, but it isn’t enough
Understandably, when it comes to keeping IoT devices secure, responsibility often falls on the manufacturer. Smart — and conscientious — manufacturers have a vested interest in ensuring that their devices have strong and effective security capabilities. This is truer than ever now that national and international regulations such as GDPR have taken effect, and even been supplemented by additional regulations incorporating language that mandates information security by design and default.
Both individuals and organizations are increasingly asserting their right to expect a basic level of security when they purchase and use a device. Other groups, like the National Institute for Standards and Technology, have issued their own recommendations for creating a core baseline for securing connected devices.
The concept of by design and default means that manufacturers must make good on many individual’s expectations of built-in security; but it’s important to understand what security really means. Including built-in security measures doesn’t make a device impenetrable, nor does it ensure that users or integrators will understand how to best make use of those measures.
Measures such as creating unique default passwords for each new device can prevent certain malware infections like the Mirai Botnet and its many offshoots from taking control of massive numbers of devices at once. But it can’t prevent an integrator from creating an inadvertent backdoor into the system, nor can it stop an employee from leaving their new credentials lying around where they can be easily viewed or stolen.
Research has shown that 90% of data breaches are can be tied to largely avoidable problems including human error, poor configurations and poor maintenance practices, according to Axis Communications. While end users naturally want to know what manufacturers are doing to build security into a product on the software side, the truth is that built-in security can only do so much.
Ensuring that the knowledge is there to prevent configuration and maintenance errors is equally important. This further underscores why securing the other levels of the supply chain is a critical aspect of IoT security.
Education is key for manufacturers, integrators and end users
When bringing IoT products into a network, the integrator must work closely with the information security team to ensure clear communication of the control set for the network, the framework upon which it is built and more. The communication must happen before the installation even begins, so that the integrator understands how to approach the project in the best possible way. This means end users must understand the products they are purchasing and how they fit into the wider network.
Although manufacturers understand the benefits of built-in security controls, if an integrator or contractor doesn’t line up a network’s controls with its access users, then it doesn’t matter how securely built the products are. Even if the manufacturer has done threat modeling by having a secure software group come in to determine potential attack methods on a given product, information must be effectively conveyed to the integrator so that they can install the product using the most effective security framework. Even a minor communication disconnect between a manufacturer and an integrator can cause major problems in this manner.
Manufacturers can help improve overall security by taking steps to ensure that encrypted connections are established from the start. Many manufacturers are turning to features like Secure Boot, which only allows a device to boot using software that is trusted by the Original Equipment Manufacturer; preventing hackers or other cyber criminals from installing unknown programs onto a device. These measures are not enough on their own, but taken in conjunction with improving integrators’ and end users’ knowledge and understanding of product security, they represent an important piece of the puzzle.
Establishing trust is critical, but that trust must be earned
Vendor and manufacturer vetting are a part of the new trust dimension. Whether or not a manufacturer’s products can provide a solution and meet the technical requirements to solve a given problem are no longer the only concerns for end users.
Today’s businesses want to know the cybersecurity approach taken by the manufacturer before they purchase a given product. Today’s manufacturers have an obligation to educate their integrators to ensure that those products are being deployed in the most effective way. Conveying that to end users is important, and establishing trust in the marketplace is a multi-step process.
Transparency is key. In any industry, organizations that are open and honest will naturally foster greater trust. Similarly, demonstrating good processes and practices when it comes to securing customer data can also go a long way; particularly as data breaches make the headlines with increasing frequency.
Even though most applications on IoT devices don’t contain much Personally Identifiable Information (PII) of the type covered by GDPR, compromised devices can be used as a jumping off point for privilege escalation and cross-breach to the IT network. This is where PII and other data can be easily obtained. End users want to know they can trust a product to secure data effectively, and manufacturers with a reputation for using features like Secure Boot can help provide that confidence.
It is important to strengthen the ties between manufacturers, integrators and end users to create new avenues for communication, and ensuring that a proper level of knowledge of both the products in use and the needs of the customer is established for all parties involved.
Education is critical, and everyone must be willing to take the steps needed to build a more secure and knowledgeable future. For many, this means supply chain mapping to detail every touch point of all material, processes and shipments. As IoT devices continue to become more commonplace across a wide range of industries, securing the supply chain will only become more important.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda
This is the second piece in a three-part series. Read the first piece here.
I have a belief that’s unorthodox in the data science world: explainability first, predictive power second, a notion that is more important than ever for companies implementing AI.
Why? Because AI is the hottest technology on the planet, and nearly every organization has a mandate to explore its benefits by applying AI models developed internally or acquired as part of a package solution from a third-party provider. Yet a recent London venture capital firm MMC study in Europe found that 40% of startups classified as AI companies don’t actually use AI in a way that is material to their businesses. How can these startups and the customers that buy from them rely on the predictive power of their AI technology when it’s not clear if the models delivering it are truly AI?
Explainability is everything
AI that is explainable should make it easy for humans to find the answers to important questions including:
- Was the model built properly?
- What are the risks of using the model?
- When does the model degrade?
The latter question illustrates the related concept of humble AI, in which data scientists determine the suitability of a model’s performance in different situations, or situations in which it won’t work because of a low density of neural networks and a lack of historical data.
We need to understand AI models better because when we use the scores a model produces, we assume that the score is equally valid for all customers and all scoring scenarios. Often this may not be the case, which can easily lead to all manner of important decision being made based on very imperfect information.
Balancing speed with explainability
Many companies rush to operationalize AI models that are neither understood nor auditable in the race to build predictive models as quickly as possible with open source tools that many users don’t fully understand. In my data science organization, we use two techniques — blockchain and explainable latent features — that dramatically improve the explainability of the AI models we build.
In 2018 I produced a patent application (16/128,359 USA) around using blockchain to ensure that all of the decisions made about a machine learning model, a fundamental component of many AI solutions, are recorded and auditable. My patent describes how to codify analytic and machine learning model development using blockchain technology to associate a chain of entities, work tasks and requirements with a model, including testing and validation checks.
The blockchain substantiate a trail of decision-making. It shows if a variable is acceptable, if it introduces bias into the model and if the variable is used properly. We can see at a very granular level the pieces of the model, the way the model functions and the way it responds to expected data, rejects bad data or responds to a simulated changing environment.
This use of blockchain to orchestrate the agile model development process can be used by parties outside the development organization, such as a governance team or regulatory units. In this way, analytic model development becomes highly explainable and decisions auditable, a critical factor in delivering AI technology that is both explainable and ethical.
An explainable multi-layered neural network can be easily understood by an analyst, a business manager and a regulator, yet a neural network model has a complex structure, making even the simplest neural net with a single hidden layer, which produces a latent feature in the model making it hard to understand, as shown in Figure 1.
I have developed a methodology that exposes the key driving features of the specification of each hidden node. This leads to an explainable neural network. Forcing hidden nodes to only have sparse connections makes the behavior of the neural network easily understandable.
Generating this model leads to the learning of a set of interpretable latent features. These are non-linear transformations of a single input variable or interactions of two or more of them together. The interpretability threshold of the nodes is the upper threshold on the number of inputs allowed in a single hidden node, as illustrated in Figure 2.
As a consequence, the hidden nodes get simplified. In this example, hidden node LF1 is a non-linear transformation of input variable v2, and LF2 is an interaction of two input variables, v1 and v5. These nodes are considered resolved because the number of inputs is below or equal to the interpretability threshold of two in this example. On the other hand, the node LF3 is considered unresolved.
To resolve an unresolved node, thus making it explainable, we tap into its activation. A new neural network model is then trained. The input variables of that hidden node become the predictors for the new neural network, and the hidden node activation is the target. This process expresses the unresolved node in terms of another layer of latent features, some of which are resolved. Applying this approach iteratively to all the unresolved nodes leads to a sparsely connected deep neural network, with an unusual architecture, in which each node is resolved and therefore is interpretable, as shown in Figure 3.
The bottom line
Together, explainable latent features and blockchain make complex AI models understandable to human analysts at companies and regulatory agencies––a crucial step in speeding ethical, highly predictive AI technology into production.
Keep an eye out for the third and final blog in my AI explainer series on the three Es of AI on the topic of efficient AI.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
This is the first in a two-part series.
The meteoric rise of IoT has created a popular new attack surface for cybercriminals. The “2019 Sonic Wall Cyber Threat Report” indicated that there were 32.7 million cyberattacks targeting IoT devices in 2018, representing a 217.5% increase over attacks 2017. What is interesting, however, is that in the Attivo Networks 2018 Threat Detection Survey findings, securing IoT ranked just sixth on respondents’ list of attack surface concerns. This is possibly because IoT, medical IoT and other interconnected devices commonly fall outside of a security team’s responsibilities.
This circumstance is cause for concern. Adding to the gravity of the situation is the fact that these devices often have minimal security requirements, are governed by laws preventing third-party security adjustments and lack regulation, which has been slow in setting standards. With Gartner predicting that 25 billion connected devices will be in use by 2021, security teams will need to proactively search for new ways to both secure the ever-growing number of potential entry points and quickly identify attacks that use these devices for easier access to the network.
Emerging attack surfaces present new and often different challenges for defenders to overcome. Organizations must learn understand how security teams can better secure each attack surface.
Flexera’s”RightScale 2019 State of the Cloud Survey” indicated that 94% of enterprises utilize the cloud, with 84% of enterprises employing a multi-cloud strategy. The rapid growth of cloud and multi-cloud environments has presented organizations with shared security models to go along with both familiar and unique security challenges, so it is not surprising that 62% of Attivo Threat Detection Survey respondents listed securing the cloud as the top attack surface of concern. What compounds this particular situation the fact that many of today’s security tools rely on virtual network interfaces or traditional connections to servers, databases and other infrastructure elements, which are no longer available in serverless computing environments.
Unsecured APIs, which allow cloud-based applications to connect, represent a significant new threat vector for cloud users. Unsecured APIs and shadow APIs represent substantial potential dangers. Similarly, the rise of DevOps comes with a new set of vulnerabilities, including the proliferation of privileged accounts. Access to applications, embedded code and credential management all require a different assessment of risk and how to secure them. Given the fluidity of the environment, detecting credential theft and lateral movement quickly gain importance. Deception technology represents an increasingly popular approach to this, helping with the detection of policy violations and unauthorized access, as well as identity access management inclusive of credentials, exposed attack paths and attempted access to functions or databases.
Increased focus on edge computing has driven increased traffic to data centers and presents new security challenges as data processing and functionality move closer to end users. With more and more information stored in these data centers and the growing popularity of smaller, distributed data centers, there is an increased need to reassess security frameworks and their fit for these new architectures. The arrival of 5G is also likely to fuel the growth of edge computing. In this environment, security, privacy and storage management will need additional attention. Scalability of security systems will be critical as data centers increase in size and given the distributed nature of these networks.
Whether on-premises or in a remote data center, threats may come in both internal and external forms and may be intentional or unintentional. Incomplete or inadequate screening of new employees, lack of consistent internal protocols and limited access control can create an unsafe environment for data and operations. Lack of backups and disaster recovery services can also render information vulnerable to disasters — natural or otherwise. Securing the complete digital ecosystem is about more than just fitting today’s needs. The way those needs are rapidly evolving will require assessing security frameworks and their fit in the various environments, as well as an overlay view of how an attacker would attack them. Once organizations have completed identifying risk, they can move forward with establishing a full security fabric comprised of prevention and early detection tools, as well as the programs for faster and automated incident response.
Location has become a critical component across a wide variety of organizations as part of their ever-expanding IoT implementations. As companies get more sophisticated in their knowledge of what IoT can do for their business, they’re moving beyond basic applications to use IoT to better manage key business processes.
Knowing the precise location of a person — or object — by itself, and in relation to other people and objects helps organizations better understand business processes such as inventory control in a warehouse environment as well as generating advanced player statistics in a sports environment.
While accurate location capabilities are on every company’s wish list, each has a different idea of what location accuracy means. Is location within a meter accurate enough? For some use cases and applications, it is perfectly sufficient. However, other use cases may demand much more precise levels of accuracy, perhaps even as accurate as 10 centimeters.
There are a few distinct levels of accuracy, and several technologies and methodologies by which to achieve each level. The gating factor is the use case for which location capabilities are required. Understanding what the short-term and longer-term needs are for location — and taking into consideration total cost of ownership (TCO) of the solution — will be critical to making the correct choice.
While location capabilities are important for many types of organizations, looking at the need for location services in a single environment, such as a warehouse, makes it easy to understand both the benefits and the use cases the different levels of location can enable. There are three general levels.
Detecting the presence of a person or object is the simplest location-based solution designed to answer the question: Is it present or not? Unfortunately, it’s also the least accurate location level. Presence detection is commonly used in a warehouse to determine whether an item or a pallet has arrived. Using an advanced location system using Bluetooth technology and the angle of arrival methodology, a locator is placed at the entrance of the warehouse to act as a gate through which each tagged item passes. The locator identifies the tag based on its unique ID, measures the angle of the tag’s signal and calculates the direction of motion for the tag, thereby determining whether it’s entering or exiting the warehouse. Some real-time location systems (RTLS) can determine presence, and provide real-time information within the warehouse because of their long communications range. However many are limited by unsophisticated solutions that work well outside or inside, but not both.
RFID technology can be used for presence detection by tracking objects transiting through the gates. However, scaling beyond this use case may be limited by the cost of architecting a solution using multiple gateway readers. Its inability to track items that are already inside the warehouse once the system is installed can also negatively impacting both the cost-effectiveness and usefulness as a location solution.
Proximity-based solutions are designed to identify both the presence and location of items. Proximity detection typically uses a combination of high-accuracy positioning in areas where the use case demands it, and low-accuracy presence detection in areas where precision is less of a requirement. These solutions are ideal when uniformly accurate coverage is not needed.
This is often the case in the warehouse example, where approximate location information may be adequate for many use cases. With an RTLS that utilizes Bluetooth technology and the angle of arrival methodology, locators can be placed strategically within the warehouse, creating zones that track items in real time as they enter or leave each zone. In some deployments, locators can be positioned at strategic choke points, providing basic movement tracking. Optimizing the deployment and density of locators to enable higher location accuracy only where it’s needed provides a strong TCO without limiting potential use cases.
Other technologies that are commonly used for proximity-level location accuracy include Wi-Fi and Bluetooth Received Signal Strength Indication-based beaconing. However, they are each too inflexible to allow for deployments with non-uniform locator density. This makes it difficult to manage costs and deliver the right level of accuracy for each use case that is supported.
Solutions based on Positioning, which is the highest level of location accuracy, are designed to reliably locate the exact position of a tracked item in real time, both inside a warehouse and nearby, such as in a storage yard. Positioning unlocks the full potential of location-based solutions because of its flexibility and very precise levels of accuracy.
In warehouses, companies often need to know the precise and real-time location of items, both stationary and in motion. Common warehousing applications such as worker safety, collision avoidance, inventory management and advanced workflow optimization all require knowing the precise location of people and objects. With an RTLS that utilizes Bluetooth technology and the angle of arrival methodology, businesses can uniformly cover the area of interest with locators, so that the system can reliably calculate the accurate location of tags in real time.
Having this level of accuracy, and the flexibility to also support presence and proximity, satisfies nearly all of today’s use cases as well as many potential new ones; some of which may not have been thought of yet because of the limitations of location technology and cost considerations.
An additional technology being used for use cases that demand high levels of location accuracy is Ultra-wideband (UWB). However, UWB is only useful for high-accuracy use cases. This is because it cannot be scaled down technology-wise, or even cost-wise to cover proximity and positioning requirements, limiting its effectiveness as a solution that covers all use cases. The high cost of tags and the limits to radio certifications across different geographical areas also limit UWB’s usability as a positioning solution.
The warehouse example showcases the reach, flexibility and accuracy of the different types of solutions available for determining location. Organizations of all types and sizes, from manufacturing and supply chain and logistics to healthcare and retail, have already established a wide variety of use cases where knowing the location of an object — or person — provides tremendous business value. The specific level of accuracy they need depends on the use case — or use cases — they need to support across the business; today and in the future. An RTLS that covers all levels of accuracy, multiple use cases, and is scalable for future growth provides the most attractive TCO and best return on investment.
North American manufacturers that want to pursue multiple industrial internet of things (IIoT) initiatives and scale the results throughout their organizations often face significant challenges, according to a new independent survey of more than 125 manufacturers primarily in heavy industry and automotive sectors.
The survey from Software AG also found that manufacturers have objectives that span both products and production, but are unable to reach their predicted value because of known and unknown complexities.
IIoT offers new revenue if organizations can overcome obstacles
Organizations clearly prioritize new revenue generation for IIoT projects, with 84% of automotive and heavy industry manufacturers from the survey having selected the monetization of products as a service to be the most important area of IIoT. Optimizing production is also viewed as a top priority for 58% of heavy industry and 50% of automotive manufacturers. Historically, the primary use for IIoT has been predictive maintenance, but in this survey, respondents did not view it as important as monetization or operational optimization.
This is because the vast majority of manufacturers report that their IIoT investments are not adding data or value to other parts of the organization. Despite the fact that 80% of all respondents identified that processes around IIoT platforms need to be optimized to stay competitive, very few are doing this. These organizations face obstacles in obtaining and sharing IIoT data that make optimization difficult. Fifty-six percent of automotive manufacturers consider IT/OT integration as the most challenging task that has prevented them from fully realizing the ROI from IIoT investments.
Analytics are equally difficult to use
More than 60% of the manufacturers surveyed had as much difficulty with defining threshold-based rules than using predictive analytics. This means that simple if-then statements, which any associate can create, are giving organizations more trouble than predictive analytics, which rely on complex algorithms that require the expertise of a data scientist. While neither task is considered simple, leveraging predictive analytics was rated as only slightly more difficult than condition-based rules.
Manufacturers place a high value on IIoT, but cannot spread their existing IIoT innovations and investments across their organizations. They can solve this dilemma by investing in the right IT/OT integration strategy and IoT technology. Manufacturers can use four best practices to scale their IIoT investments across their enterprises.
- Ensure clear collaboration between IT and the business by following a transparent step by step approach that starts focused and has clear near term and long- term objectives to scale.
- Give IT the ability to connect at speed with a digital production platform that is proven to be successful.
- Leverage a GUI-driven, consistent platform that supports all potential use cases and an ecosystem of IT associates, business users and partners.
- Enable the plant or field service workers to work autonomously without continual support from IT through GUI-driven analytics, centralized management and easy, batch device connectivity and management.
IoT presents opportunities for growth and new possibilities for any organization across all industries. With IoT technology, workers can monitor a patient’s health from another city or capture information on soil temperature from a field three hectares away.
Substantial changes will be possible in sectors including finance, energy and transportation. IoT technology could radically transform the way modern businesses function by increasing efficiency and reducing costs.
While the possibilities seem endless, in order for organizations to succeed, they need to look at the current state of IoT and understand the steps it will take to make the future a reality.
The current state of IoT
IoT is rapidly becoming business as usual as it transforms industries and businesses all over the world and more organizations adopt the technology. In some capacity, 34% of companies are using IoT and the confidence it the technology is only growing, according to Vodafone’s IoT Barometer 2019. Companies believe IoT technology provides a competitive advantage, and 74% of adopters in Vodafone’s report believe that within five years, companies without IoT deployments will fall behind. Organizations that adopted IoT projects in their core systems see positive results.
The benefits that come with the integration and deployment of IoT include an array of benefits from cost reductions to improved safety, increased responsiveness and even the creation of entirely new revenue streams, ultimately making businesses smarter and more efficient.
As data becomes more valuable to corporations, 80% of advanced adopters use analytics to improve business decision-making. The data collected from IoT devices is essential to steady and continue digital transformation.
Increased IoT integration correlates with greater business advantages at every stage of an organization’s IoT journey. It’s no longer a case of whether to implement IoT, but when and how.
Barriers to IoT adoption
Since last year, adoption of IoT increase by 5%, according to Vodafone. A majority of companies still have yet to implement an IoT strategy due to looming doubts around the cost and complexity of deployment. What these companies might not realize is that starting out in IoT is easier than ever.
There are current IoT solutions and platforms that make it fast and easy to deploy and manage these types of solutions effectively. Organizations can even look to off-the-shelf IoT products that offer low-risk and quick deployment. The widespread uses of IoT applications make it much easier to deploy complex IoT projects with existing infrastructure.
Adopters no longer see security as a major barrier. Sixty-five percent of adopters reported that their security concerns with IoT are no greater than with other new technologies. Even so, security and privacy issues should remain a top priority when considering IoT solutions. Taking a proactive approach to ensure that devices are tested and the integrity of the network is maintained is essential.
There is a strong correlation between sophistication and the benefits adopters have seen from using IoT. This means that adopters that developed their IoT strategy well and are progressing in its implementation reap the greatest rewards.
Businesses can assess themselves to see how they measure up in comparison to others in their sector with the IoT Sophistication Index tool. This feature provides personalized recommendations to help businesses improve their IoT sophistication and ultimately their ROI — wherever they are in their journey of adopting IoT.
IoT innovations and the future
In the future, intelligent assets will communicate with the world around them. Even though sometimes that’s hard to imagine, businesses need to act now to ensure they switch to a digital-first mindset to keep thriving.
IoT is that change agent that allows a business to compete in a digital world. Treating IoT as a critical part of a business’ digital strategy, integrating it with business systems, and selecting appropriate connectivity are all essential components of a successful IoT implementation that will deliver tangible results.
Cybercriminals are constantly probing consumer IoT devices such as home routers, IP cameras and printers to find access points into the network. Once they have access, they can disrupt network functions, gather critical information and deliver malicious payloads. At the other end of the spectrum, cybercriminals also probe critical infrastructures to target high-end industrial control systems (ICS) and SCADA technologies for the same purposes.
There is also a middle ground that criminals are focusing on: A growing line of control systems for residential and small business use. These smart systems have garnered comparably less attention than their industrial counterparts, but that seems to be changing.
Targeting control devices
Data revealed a small but significant shift in attention toward this middle ground of control systems, according to Fortinet’s Q2 2019 Threat Landscape Report.
A signature related to building management solutions was found to be triggered in 1% of organizations, which may not seem like much, but it is higher than typically seen for ICS or SCADA products.
Securing control systems
Imagine the harm a resourceful criminal could do with access to any number of these types of devices, including environmental controls, security cameras and safety systems. This is why the security of smart residential and small business systems deserves elevated attention.
Cybercriminals are watching closely for opportunities to commandeer control devices in homes and businesses. Unfortunately, cybersecurity in these venues, especially for devices traditionally considered to be isolated from traditional attacks, is not always straightforward and sometimes falls outside the scope of traditional IT systems.
However, securing these control systems is clearly necessary. The nature of IoT, including its endless number of endpoints and ever-growing volume of data and application traffic, make the task daunting. Fortunately, segmentation and network access control (NAC) solutions are a reliable foundational strategy to build on to protect company resources. When these solutions are in place, visitors and unauthorized devices seeking network access are connected to a guest network by default, critical resources — such as financial data — are isolated from the rest of the network, and all sensitive communications are automatically encrypted.
What’s so beneficial about segmentation is that when countermeasures fail in one part of the network, segmentation protects other areas from being compromised. Network and device segmentation should address:
- Access management: NAC combined with intent-based segmentation enables businesses to identify devices and impose strict access controls based on user, role, device type or even applications; a critical risk management solution for today. As devices either initiate a new network connection or as traffic or applications attempt to cross network segments, access control combined with inspection helps establish secure perimeters around critical resources by identifying and preventing the spread of malware.
- Risk assessment: Businesses can use data, devices, users, locations and threat intelligence feeds — along with a host of other criteria — to identify threat categories and assess risk in real time.
- Policy and device management: Seeing all devices and their related activity, including IoT devices, allows IT teams to appropriately set policies to manage risk across the network.
- Control: By treating those parts of the network that interact with IoT devices differently, companies can better control risks from a policy standpoint.
Forewarned is forearmed
A veritable Pandora’s Box of threat vectors has been opened in most networks and cannot be closed. Instead, they must be constantly monitored to help businesses understand the cyber risks they face.
One of the latest vectors is attacks on IoT-powered control systems within businesses. Access to one device in the system may grant access to any other device in that system, with the potential for significant business disruption. By segmenting their networks, organizations will limit exposure should an intruder get in and keep their critical assets secure.
There is a lot of buzz around the upcoming 5G standard for mobile device communication. At first glance, this will be great for individual smartphones, tablets, mobile hotspots and more, but the reality is that 5G will prove to be a bigger, fundamental enabler for IoT solutions.
I also dispute there will be new challenges introduced. Before we get to the challenges, let’s wrap our heads around the good news that comes with 5G.
How 5G improves IoT projects
The main benefits of 5G will be enhanced bandwidth and reduced latency for devices defined from the 3rd Generation Partnership Project (3GPP). For IoT uses, this will introduce options for many critical applications.
One emerging area for IoT will be effectively gathering real-time information. 3GPP has two types of technologies that will help IoT scale: enhanced Machine-Type Communication (eMTC) and Narrowband IoT (NB-IoT). These both focus on reducing complexity, having better device density and establishing more power efficiency. eMTC is associated with real-time items, such as wearables and personal IoT use cases. NB-IoT focuses on solutions where latency is more tolerable and a lower amount of data needs to be transfered. Additionally, some of these solutions can have more than 10 years of battery life. Couple the mobility with a battery like this and organizations can overcome some of the barriers to implementing an IoT solution.
To put some perspectives on a number of changes in place here, both eMTC and NB-IoT implementations will benefit. Qualcomm is very interested in the milestone that 5G brings, and has produced a visual roadmap of what 5G will enable with 3GPP capabilities. All the benefits — better positioning, better battery life, better real-time uses, serious scale and more coupled with the better performance — go beyond what IT pros expected just a few years ago.
IoT faces potential challenges with 5G
I mentioned there are some considerations to pay attention to. When we make these types of changes and introduce this type of scale, the backend solution better be ready to support it. The amount of data, data transfer and the number of devices connected will introduce some particular concerns that need to be taken into account.
I would go so far to say that the only practical way to build IoT solutions on serious scale based on 5G is through the hyperscale public clouds in many situations. Of course, a strong recommendation like that requires answering detailed questions around the specific use case. The reality is that a solution that deploys thousands of IoT devices that provide real-time data or rich media could potentially saturate communication lines and storage resources of a traditional data center quite rapidly. The hyperscale public clouds will provide the scalability to match this significant change coming for IoT solutions.
5G is a big deal, and it’s more than just what we will keep in our pocket. Because of that, we need to consider the business impact of a 5G solution. Will the IoT solution powered by 5G provide an overall benefit? Will the IoT solution powered by 5G uncover bottlenecks or introduce capacity constraints to existing services, platforms and resources?
My practical advice is to ensure the cloud is part of the IoT solution organizations choose, and it is powered by 5G from the start. This will help organizations avoid complicated problems later that can put the whole IoT solution value at risk.