IoT is now an integral part of every networked environment, from corporate headquarters to the home network. Branch offices and retail locations have been adopting IoT at a breakneck pace, using these devices to provide a wide range of services, while using SaaS cloud servers as their management interface. Much of this growth goes beyond upgrading traditional devices, such as printers, to a smarter IoT version that can collect data and track usage.
IoT in the branch and retail space
Here are a few examples:
- Surveillance and security monitoring has moved beyond things like CCTV systems. Today’s physical security systems include connected IoT cameras, badge readers and alarm systems that can do things like tie a badge scan to a video facial recognition system to ensure secure access to a facility, link video images from an IP camera to a credit card transaction to enable fraud detection and assist in PCI investigations, and dynamically restrict access to physical resources based on a variety of contexts, including role or time of day, and even lock down a facility in the event of a breach or emergency.
- IoT sensors, especially in retail environments, are being deployed to simplify the monitoring and management of critical systems. They include things like temperature sensors on the refrigerators in quick-serve locations to ensure food is kept at required temperatures and tank pressure sensors in gas stations for safe operation.
- Retailers are using IoT devices to better connect with customers and to personalize their shopping experience. They use IoT-enabled sensors to perform passive smartphone scans to identify and welcome repeat customers and track them through the store to collect information about shopping habits. Beacons can be used to broadcast product information and sales to customer smartphones, and proximity devices can deliver special alerts and coupons when a shopper is near a specific item or section, or even place personalized ads on IoT-enabled kiosk and cart screens throughout their visit based on previous shopping history.
- Facility managers can use IoT sensors to automatically turn off lights and devices and change the temperature when offices, conference rooms or parts of the building are unused. These sensors can also be integrated with things like a corporate calendar to perform tasks such as ensuring that conference room hardware is booted up and ready prior to the start of a meeting, and is turned off once participants leave the room.
Branch IoT security challenges
While each of these IoT-based systems has direct benefits to the organizations using them, they can also introduce risk that the local branch or retail staff is unqualified to address. According to a recent Fortinet Threat Landscape Report, IoT devices remain at the top of security challenges for customers. Six of the top 12 global exploits that were identified and ranked by FortiGuard Labs, for example, targeted IoT devices, with four of them related to IP-enabled cameras.
The fact is that IoT devices expand the potential attack surface of the network. Worse, IoT devices are also notoriously insecure due to things like limited CPU and memory, built-in backdoors, the fact that they are often headless — meaning they cannot be easily updated or patched — and that they were not designed with any sort of security in place. As a result, IoT devices are increasingly being targeted by cybercriminals to steal data, hijack CPU, spread malware and launch attacks into the network.
The challenge is two-fold. The first is that there are rarely any qualified IT personnel onsite at a branch office or a retail location to deploy, manage or troubleshoot IoT devices and related security incidents. And second, even remote security deployments far too often include devices from multiple vendors that have their own management consoles and complicated interfaces. Vendor and device sprawl can actually get in the way of effective security management.
Securing IoT with the new SD-branch
Addressing the challenge of securing the proliferation of branch IoT devices requires rethinking security. As part of their digital transformation efforts, organizations have begun to adopt SD-WAN to enhance the communication and data links to and between their remote branch offices and retail locations.
However, many are quickly discovering that trying to add security to their SD-WAN system after the fact can be very difficult to deploy and even more complicated to manage. As a result, secure SD-WAN — where security is woven directly into the SD-WAN technology — has been introduced, enabling it to not only inspect and secure traffic and applications, but also dynamically adapt to today’s digital networks that automatically scale and transform to meet shifting business requirements.
SD-branch takes this idea a step further by extending the security provided by secure SD-WAN deep into the branch network, providing security for applications, workflows and connected end user, network and IoT devices. This system includes the following elements:
- Network edge protection: A next-generation firewall (NGFW) is the ideal foundational component for securing SD-branch deployments. An NGFW needs to be able to extend security from the SD-WAN connection to wired and wireless access controllers to ensure that all inbound and outbound IoT traffic is secured.
- Access edge protection: Secure physical and wireless access points not only need to provide adequate capacity and throughput to keep up with expanding IoT bandwidth needs, but must also share device connections and traffic with the NGFW to secure IoT traffic moving laterally across the branch network. Switches also need to offer higher power (PoE) to run today’s most power-hungry IoT devices.
- Device edge protection: The proliferation of IoT devices at the branch can represent a significant threat to organizations as far too many IoT devices were never designed with security in mind. As a result, all IoT devices must be properly identified and segmented using an integrated network access control (NAC) mechanism that can provide automatic discovery, classification and security for IoT devices being connected to the network.
NAC technologies, in coordination with the NGFW, should also continuously scan network traffic for anomalous behavior, enabling the security system to not only detect bad device behavior, but also respond by dynamically isolating those devices for quarantine and remediation.
IoT devices play an increasingly critical role in the ongoing digital transformation efforts of today’s enterprise organization. Extending IoT devices into the branch office and retail locations allows organizations to personalize their interaction with customers, provide intelligent services that increase productivity, reduce overhead and address risk, and gather critical information to continually refine their services, workflows and applications.
IoT devices also expand the potential attack surface of the network: because of their inherent lack of security, they are increasingly targeted by cybercriminals to steal data, hijack CPU, spread malware and launch attacks into the network. Realizing the benefits of IoT deployments while addressing the challenges they introduce requires a branch architectural strategy with security at its foundation. This allows an integrated security system to reduce risk by seeing all devices, intentionally segmenting IoT devices based on context, tracking and monitoring device traffic, and quickly adapting when a security event occurs to eliminate threats before they have the ability to impact the organization.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
“What’s your tire?” is a question I asked in my previous blog post on transforming products into services via IoT. One trend to watch within the clothing industry is the innovation happening in smart fabrics. With some 10 billion products in the apparel, accessories and footwear industries currently going digital, it’s no longer a question of the feasibility of connected apparel. What’s important now is creating meaningful applications that provide real end value for the user. This is the fashion industry’s “tire.”
Technology has become increasingly personal, scaling down from large rooms to people’s laps and then into their pockets. The next logical evolution is wearable technology. Today, smart apparel is created by embedding sensors into items of clothing, but the mills of tomorrow will directly weave smart fabric. This fabric will have the look and fit of the clothes we wear today, with capabilities to collect and send data and react to physical or environmental conditions. They will be woven from a material base of electrically conductive fibers, combined with microprocessors and miniaturized sensors. Companies like DuPont, Adidas, Schoeller Textiles and Toray Industries are actively developing products, contributing to the growth of the smart textile industry.
As the textile industry embraces the opportunities and challenges of digitization, fashion companies should focus on how consumers currently value their products — and how this can be transformed in new ways. Understanding consumer expectations toward smart clothing is vital. After all, consumers are now saturated with digital products that generate astronomical amounts of data. The opportunity for fashion companies is to produce compelling experiences, through thoughtful technologies, that build an emotional connection with consumers. The apparel industry can now evolve from a business based on one-off garment purchases to one that offers an associated ecosystem of services — a fashion platform.
So, what could these connective services look like?
Made to measure
As the adoption and demand for smart textiles grow, what can fashion brands offer so they don’t become only hardware manufacturers in our future connected world?
It’s important to integrate the diversity, personal expression and emotion — the life force of the fashion industry’s value system — into the connected apparel of tomorrow. To accomplish this, fashion tech must deliver specific functionalities that niche target audiences want and need. These specific consumers will only undergo a behavior shift and fully adopt a new product if it meets a specific need or overcomes a specific challenge. Specificity is key. Today, companies like my hometown-based Ministry of Supply are creating personalized clothing using thermal imaging, 3D printing and 3D knitting technologies. These clothes are not only tailored to a person’s body measurements, but are also customized to an individual customer’s body heat mechanics. They even produce zero-waste material during production.
This acceleration toward mass personalization of connected apparel will evolve as the clothes of tomorrow dynamically change as context, or even mood, does. Imagine tomorrow’s clothes dynamically changing as you go through your day, becoming more tailored for an important event or meetings and then relaxing for your commute or weekend. Patterns and color shifts can emerge, when triggered, to provide diversity of looks and expressions throughout your day.
The post-retail future
Building off the made-to-measure evolution, retail stores will become smaller, more efficient showrooms that will not house a large amount of inventory, but showcase the latest collections. They will feature fewer items, and those items will be able to be altered in the dressing room to suit your needs. As consumers try on pieces of connected merchandise, sensors in the garments collect their exact measurements. Smart mirrors in front of them allow them to make the changes to garments they’re trying on: size, color, pattern. Maybe they want to add length to a skirt or change the lining pattern of a jacket. Consumers will easily create their own bespoke alterations. A few minutes later, they order the fully tailored garment and the next day they are wearing it to work. Even purchasing these items will be done in the dressing room, since that’s the place where most of the decision-making is happening.
In the future, the relationship with your apparel will be extended from the moment you shop to the moment you pass the piece of clothing on to someone else. You’ll get a lot closer to your clothes than you ever thought. You will better understand the origins of the clothing that you’re wearing. Barcodes woven right into the fabric will tell you where the material came from, how it was created and by whom.
You can see examples of how companies are beginning to create this post-retail future. Amazon, for instance, has been developing IP around home smart mirrors, devices that create 3D models of clothing and an automated on-demand clothing factory. Combining the right recipe of this tech could easily lead to a post-retail future in which automated smart apparel factories would process bespoke items of clothing enabled with the tailored components each consumer desires.
Setting the right growth trajectory for connected apparel will help enable all these probable future scenarios. It’s not just about combining fashion and technological capabilities, but instead discovering more meaningful interactions to create something that’s valued by consumers in a holistic way. As connected apparel becomes more tailored to the owners, there’s an opportunity to offer services in conjunction with the garments. Different articles of clothing could, say, unlock different aspects of a service model — just think of the way apps work on your phone.
My favorite team jersey can be linked, for example, to my season tickets at the stadium. My pay-as-you-go gym membership model can be embedded in my workout gear. Ideas like this show how revenues for connected clothing could be generated over the entire lifecycle of the garment. This service model would subsidize garment costs while fostering long-term relationships and communication between customers and brands. Larger brands can open their platform to other smaller brands and curate the content for their consumer. This will bring a greater variety of contributions and ideas pushing the demand for complementary products.
True connected apparel success will be stitched into products that generate value through technical and digital characteristics by establishing strong emotional relationships with consumers. Fashion brands aren’t there yet — but if they take the challenges seriously, they will be able to try service model innovation on for size. That’ll be a good look.
As 5G becomes a reality, it’s signaling the dawn of a new age of cellular technology transforming not only the speed, but also the responsiveness of wireless networks. It will enable increased connectivity and flexibility, allowing far more devices to access the mobile internet at the same time. By significantly increasing the available bandwidth, 5G will improve end-to-end performance, delivering a much better user experience.
5G will open up a world of possibilities — from drones acting as the fourth emergency service to allowing autonomous vehicles to communicate with each other and read live map and traffic data. IoT will be transformed from mobile virtual reality to the many touted benefits of smart cities finally coming to fruition.
However, with the rollout of 5G, a new framework for software development is required to cope with the sheer scale and speed of the network. This will necessitate that testing strategies focus on the entire ecosystem rather than a component-driven approach. Companies that have traditionally been competitors will now need to find a way to work together to deliver and maintain the new digital experiences that users expect.
The changing face of testing with 5G: Four factors to include
- Testing the use case, not the code. It needs to work, but the most important question is: Does the experience meet user expectations? With the introduction of the ultra-reliability aspect of 5G, this will become standard.
- Testing energy consumption will now be important. Keeping track of the energy consumption of use cases rather than components will be necessary.
- Testing security. With increased connectivity and speed, security concerns will magnify.
- Testing across companies and ecosystems. Monitor the digital experience on a continuous basis to assure the quality both in pre- and post-production.
For companies that are still burying their heads in the sand and only testing code or component compliance, the advent of 5G will shatter that illusion once and for all. Businesses that want to reap the innovation and monetary rewards from 5G must expand the scope of their testing efforts now or risk being left behind.
Summer is one of the most exciting times of the year. School is out, the weather is great and the countdown to vacation begins. But while the summer brings with it a lot of fun activities, it also brings the potential for higher energy and water consumption, which equals higher bills for personal, business and commercial real estate uses. It’s inevitable that commercial businesses will consume more energy and water during June, July and August with increased usage of cooling systems, lighting and water, but technology can help. The smallest changes can make a huge difference in lowering energy costs and, thanks to smart building technologies offering remote real-time monitoring and control of buildings, it’s possible.
Let’s talk more about how this works.
LoRaWAN is a low-power, wide-area networking protocol based on LoRa technology that enables remote and real-time monitoring and control of buildings. There are hundreds of low-cost sensors always collecting data that is passed through a gateway to a cloud-based server. From there, the data is analyzed by third-party applications putting out real-time metrics which are assessed and generate output responses, such as an alert or action.
LoRa devices and the LoRaWAN protocol enable a number of smart building applications, such as smart thermostats, sprinklers, door locks, and water leakage detection sensors (humidity and temperature). The latter, for example, enables building maintenance professionals to control indoor climates and conserve water and power through predictive analytics, allowing damage to be detected early, thus reducing the cost and potential harm that could come to other sensitive equipment. LoRa technology’s long-range, low-power capabilities also enable a reduction in network infrastructure costs, allowing for easy adaption and implementation.
Outfitting a commercial building with smart devices can lead to significant cost-savings and higher efficiency. This summer, as the heat rises, smart thermostats can be used to auto-adjust indoor temperatures according to preset preferences to ensure employees are comfortable in the work environment and the building is not subject to fluctuating temperatures. Smart outlets reduce electricity consumption by remotely controlling lights, water heaters, humidifiers and anything with a plug, enabling building managers to turn them off and on with a mobile phone. Streamlining this process enables building managers, owners and service providers to view smart devices remotely and ensure all the things within the smart building are continuously connected. LoRa-enabled humidity and temperature sensors are another effective way to monitor water usage and prevent damage due to leaks, as they share real-time alerts allowing businesses and homeowners to act fast and address any issues that arise.
With the right technology in place, commercial building managers can make sure employees are working in a comfortable, safe environment all while reducing cost and increasing connectivity. These devices are an economical way to take on the task of conserving energy, showcasing yet another example of the benefits IoT has for smart building maintenance during the peak of summer.
Picking the right cellular low-power wide area technology for an IoT deployment can be a challenge. While you are looking for the right fit for your use case, you must bypass the technology push. If you know what to look for, you’ll see the subtle differences and their advantages to your case.
LTE-M and Narrowband-IoT (NB-IoT) are types of cellular connectivity intended to save power consumption. Both technologies tweak various network parameters in favor of power consumption, but both come with a sacrifice in latency and speed.
This concept remains when comparing LTE-M and NB-IoT among themselves. In the Narrowband-IoT standard, parameters are tweaked even further in favor of power consumption. But this comes at a disadvantage for power-efficient communication when the cellular modem moves.
Devices on the move? No NB-IoT
There are two major reasons why NB-IoT is not right for mobile IoT use cases:
- It does not support roaming
- It does not support handovers between cells
Roaming might not be an issue for every use case. If you deploy your assets in the U.S., for example, the lack of roaming functionalities is generally not an issue. But if you deploy GPS trackers in Europe, chances are that a vehicle will cross a geographical border many times a day.
Deutsche Telekom and Vodafone completed successful roaming tests on both networks. Although this is a promising accomplishment, we are far from publicly available roaming. The NB-IoT standard requires a small radio band of 200 kHz. Operators can choose from three implementing approaches for its core network — this brings flexibility on the network operator’s side. The NB-IoT modem needs to handle these different approaches — a fact that is irreconcilable with the aim to be cheap, simple and energy-efficient.
The absence of handover support in the standard brings similar problems. When a cell becomes out of reach of an NB-IoT device, it has to go through a full registration cycle again. This can take up to 30 seconds, making it a power-hungry and slow procedure. This contradicts the big advantage for NB-IoT: battery life.
So, is NB-IoT less useful than LTE-M?
No, that’s not the case. When used on a fixed location use case, NB-IoT can be efficient. The simple, cost-efficient hardware combined with deep indoor penetration brings great value. But to unlock its full potential, prepare to go all-in on the technology. There are several ways to use its protocols. Finding the perfect setup with NB-IoT can lead into a deep dive of application layer protocols.
The other answer of the 3GPP to non-cellular LPWAN is LTE-M. It focuses on saving power with two functionalities. The first is its deep-sleep mode, called power savings mode. The second technique wakes up the device only periodically while connected, a mode called extended discontinuous reception. Since LTE-M follows a similar access scheme to 4G LTE, it has a head start with operators already having deployed an LTE-M network.
These two features make LTE-M an attractive option when looking for power efficiency alongside performance. The ubiquity of already-deployed LTE networks acts as a big plus.
Cellular modules tell the story
Both technologies have their own advantages, making them suitable for different use cases, but they are hardly interchangeable. One of the leading providers, u-blox, offers both technologies on the same cellular module — this already tells you that the market hasn’t decided which is winning yet.
To make a well-considered decision, knowing whether your devices will often move is an important factor. Just like power-saving, it is crucial to know what you try to achieve. Knowing the true purpose of your systems will help you decide if low-power cellular is an appropriate option.
For those who don’t know Goya’s “Saturn Devouring a Son,” it belongs to his series of Black Paintings — and also serves as the best comparison I can make after IoT World Europe Summit, part of TechXLR8, in London last week.
In the painting, the god Cronos, who immutably governs the course of time, is devouring a son. The act of eating your child has been seen, from the point of view of psychoanalysis, as a figuration of impotence.
To relate this to the conference I attended, Saturn is AI and his impotent son is IoT. Sure, there are other brothers waiting their turn to be devoured by their hungry father — augmented reality, virtual reality, blockchain, digital twins... Not even 5G will be spared.
If you’re still waiting for the IoT boom, this event confirmed the fact that IoT is badly wounded — at least in Europe. The few IoT companies that exhibited their products and services showed nothing could overshadow the big winner: the ubiquitous father AI. Although augmented reality and virtual reality present themselves as great rivals, they have yet to beat their competitors.
The speaker lineup this year included a mix of vendor presentations and client success stories, but neither was able to raise the event. The few large IT firms present, including Microsoft, SAP and Oracle, were on the side of the father AI.
Discussions of the first years of the IoT boom revolved around connectivity, security, IoT platforms and even business models. Today, nobody is interested in these topics. I am sorry for those advising in these areas, but it seems that all the fish has been sold in Western Europe.
It was also apparent that the great integrators weren’t present either. Those that should have implemented IoT for years but never risked investing continue to squeeze clients with digitization projects, cloud migration projects, product updates and customized developments. And I believe most of them have done a disservice to the acceleration of IoT.
Also, there was no great IoT news during the event. Perhaps the most important announcement was given by Marc Overton, who took advantage of his presentation to announce the recent collaboration agreement between Sierra Wireless and Microsoft as the industry’s first full-stack IoT offering — something that happened far from the event.
As for my session, it mixed IoT and blockchain, something that would have guaranteed success for attendees over the past two years, but did not arouse enthusiasm this year. It’s evident it is becoming a commodity — something that’s not bad, since we can finally stop speculating about use cases and start using it in our lives and business.
Don’t worry, the life of IoT events will continue; this week alone there are three more:
- Living bits and things in Bled, Slovenia
- IoT Tech Expo Europe in Amsterdam
- IoT Week in Aarhus, Denmark
Organizers and exhibitors need to reinvent IoT events to make them more attractive to visitors and generate qualified leads. We need IoT events where IoT is present in every corner of the floor, on every stage and in every service, including the cafeteria, restrooms, transportation and so forth. We need to breathe IoT every minute. Otherwise, IoT events will continue driving away visitors and exhibitors, and Saturn — AI — devouring a son — IoT — will become a reality.
Thank you for your likes and shares.
There is no shortage of practical commercialized applications around machine learning, AI and blockchain for IoT throughout enterprise and government organizations. Where we have seen the most value across enterprise and government is within prescriptive maintenance. The science of prescriptive maintenance is finally on the cusp of a major transformation with IoT, edge computing and machine learning all poised to accelerate in an era of 5G, quantum computing and innovation in low-power, high-performance processing applications.
It’s critical for companies and government entities to understand the maturity curve of maintenance so they can determine where their operations currently are, where they want to be and where they will get the most return for their investments in technology and processes. They need to explore how to evolve their maintenance programs with future-proof technologies or at least technologies that are not suddenly outdated in the next few years. Prescriptive maintenance is emerging as the next generation of maintenance strategies and will most certainly be a major part of the fourth Industrial Revolution.
What is meant by prescriptive maintenance? The term prescriptive maintenance is derived from the principle of prescriptive analytics. This concept is a step past prescriptive maintenance and it not only supplies the possible outcomes in a situation, but it also gives the best way to approach the maintenance requirements based on analysis of those outcomes. Prescriptive maintenance techniques are designed to help determine the condition of in-service equipment in order to estimate when maintenance should be performed.
Most prescriptive maintenance is performed while equipment is operating normally to minimize disruption of everyday operations. This maintenance strategy uses the principles of statistical process control to determine when maintenance tasks will be needed in the future. The aim of prescriptive maintenance is first to predict when equipment failure might occur, and second to prevent the occurrence of the failure by performing maintenance. Monitoring for future failure allows maintenance to be planned before the failure occurs.
In prescriptive maintenance, a number of tools and techniques monitor the condition of machines and equipment to predict when problems are going to occur by identifying the symptoms of wear and other failures. Prescriptive maintenance is also a philosophy that uses the equipment’s operating condition to make data-driven decisions to improve quality, productivity and profitability. The difference between preventive and prescriptive maintenance is that preventive maintenance tasks are completed when the machines are shut down and prescriptive maintenance activities are carried out as the machines are running in their normal production modes.
Prescriptive maintenance allows government or commercial entities to lower maintenance costs, extend equipment life, reduce downtime and improve production quality by addressing problems before they cause equipment failures. The more high-quality data fed into the prescriptive model, the better its accuracy. Some examples where prescriptive maintenance can be implemented for enterprise and government include the tying together of live monitoring equipment with historical failures and maintenance logs, along with the spare parts refurbishment inventory and maintenance ticketing systems that automate the process of understanding signals that lead up to failure. Algorithmically, it can then have the system check if there is a spare part in inventory and then process the work order for the maintenance event to happen all in a fluid process.
Anyone can advertise these tools. But note that artificial intelligence, machine learning and blockchain services are only part of the process of building, training and deploying coherent models into production systems. When bringing an AI and deep learning solution to a problem, ensure that experience is represented in all aspects of the technology stack.
Any individual can operate the machine; it requires additional knowledge to manage the system. It is critical to determine ways data can be used to configure and trigger machines, prove authenticity or produce any type of output intended to get a business closer to its goals. Also, work to define a problem well before its solution to ensure that the right data gets to the right person or system at the right time.
Amid eye-popping investment figures, hype and claims from both established and emerging automation vendors, gaining clarity on robotic process automation is now a major issue. As the pioneers of RPA technology — which has fueled a rapidly expanding, yet confused market — we feel that it’s more important than ever to redefine what the technology is and what it isn’t.
Forrester Research identified nearly 40 companies offering some sort of RPA or intelligent automation capabilities. This has led to a lot of hype and disappointment on the part of users for what the technology can actually deliver. RPA assertions are important, and not every vendor can back up its automation claims. True RPA is complex and relatively misunderstood, so without a definitive reference point, organizations risk choosing either the wrong options or bad, poorly designed automation options.
Delivering true RPA
True RPA was designed from the start to successfully operate in large-scale, demanding enterprise deployments to enable tactical, business-led change. Since we began developing and evolving RPA software back in 2001, the technology has played an increasingly significant role in transforming the efficiency and productivity of workplace operations of over a thousand large organizations.
We’re now entering a new era of collaborative technology innovation being enabled by ever-greater, more intelligent business automation: connected-RPA. Connected-RPA enables organizations to increasingly release the combined creativity of digitally savvy business users who really understand their business. By giving them the ability to access and exploit leading-edge cloud, AI, cognitive and other capabilities, they can innovate and swiftly develop new, compelling offerings to keep pace with ever-changing market demand.
The origins of connected-RPA go back to when we started solving the “human middleware” issue in banking environments, where human workers perform mission-critical, repetitive tasks requiring interoperability and integration between enterprise-wide IT systems. RPA was the breakthrough software that carried out tasks in the same way humans do — via an easy-to-control, automated digital worker — or intelligent software robot.
Digital workers have also progressed from simply reading any third-party application like humans to conducting work like humans as well. They are interconnected, communicate with one another to collaborate, share workloads and operate as a highly productive digital team. Digital workers make adjustments according to obstacles — whether different screens, layouts or fonts, application versions, system settings, permissions or even languages.
It’s the unique, universal enterprise connectivity capabilities of digital workers, coupled with the increasingly intelligent way that they operate, that’s now being harnessed by business users to integrate with and orchestrate any new or existing technology application. Business users simply create automated processes by drawing and designing process flowcharts, which are then used by the digital worker to automate a task.
Having both human and digital workers working together, while seamlessly interacting with existing and new applications, creates a powerful, intelligent, collaborative digital ecosystem, which is the essence of connected-RPA. This also provides the foundation for ongoing digital transformation, and leading industry academics expect connected-RPA to emerge as the execution platform of choice for best-of-breed AI and cognitive technologies across the enterprise.
Although connected-RPA is business-led, to maintain long-term success it must operate in an IT-endorsed and controlled environment. Therefore, to ensure that they’re trusted by demanding enterprises, digital workers are designed to be scalable, robust, secure, controllable and intelligent. Business users train digital workers without coding, so the system infrastructure remains intact and IT development isn’t needed. If code is used to build automations outside the technology department, unwelcome shadow IT is introduced, along with unaudited process models that represent threats such as backdoors, security flaws and audit failures.
The process models run by the digital worker are made explicit in the process flow chart for each process automated, which is subject to audit and change control and security with dual-key authentication. This approach is highly secure and compliant, as all documentation is securely managed within a connected-RPA platform and protects the business from rogue employees, rogue robots and shadow IT.
Beware of imitators
The majority of newer RPA-labelled offerings, such as robotic desktop automation (RDA), desktop robot, or attended RPA, have been designed to deliver multiple, short record-and-replay tactical automations for navigating systems on desktops. Let’s be very clear: These automation technologies offer limited scaling capabilities and are masquerading as real RPA technology.
Desktop automation’s big promise is that business users working in front and back offices and across different departments can record a process and have software robots deployed within hours. Where processes are complex and require more technical skills, users can automate just some parts of the process that can be recorded and leave the rest. Organizations are being assured that their business users don’t need to involve the IT department, so by bypassing the IT work queue, they can experience both business benefits and ROI faster than other RPA approaches.
The problem with desktop recording and the notion of a personal software robot is that a single human user is given autonomy over a part of the technology estate — their desktop — which introduces a lack of control and by extension creates multiple security and compliance issues. Desktop recording spells trouble for the enterprise as it captures choices based on an individual’s interpretation of a process versus a central consensus for the best path. This obscures a robot’s transparency and hides process steps, which, when duplicated over time, become a potential security threat and a limit to scale.
There are two other major drawbacks of the desktop approach to automation. First, if a robot and a human share a login, no one knows who’s responsible for the process; this creates a massive security and audit hole. Secondly, if a robot and a human share a PC, there’s zero productivity gain as humans can use corporate systems as fast as robots. So, this approach doesn’t save any time or make the process any slicker for a user.
By restricting automation to a multidesktop environment outside of the IT department or any central control, RDA vendors are effectively sanctioning and using shadow IT as part of their deployment methodology. This is potentially damaging for an organization as shadow IT, in the context of RDA, means unstructured, undocumented and uncontrolled technologies become part of business process flows.
For example, consider what happens when the creator of a desktop-automated process leaves the company or the organization changes. This can lead to audit failure due to an unknown fulfillment activity taking place or security holes, such as passwords embedded in these lost processes, fraud and denial of service. If your business allows departments to build these recorded desktop RDA scripts, then over time you will eventually create a shadow IT nightmare.
Ultimately, as the core architecture of desktop automation isn’t built on strong foundations, it may not be fit for the long-term demands of an enterprise environment. Many of these deployments never get beyond simple subtasks which have been executed using an agent’s login and run on their own desktop. Although they may help that particular task, they deliver limited capabilities and are not transformative at all.
Ultimately, false RPA limits the scale and potential of the technology to the confines of the desktop and introduces a variety of risks, too. True connected-RPA provides a platform for collaboration, securely and at scale, across more than 1,300 large organizations where human workers, systems and applications are already creating a powerful, intelligent, safe ecosystem of partners that enable a real digital transformation.
As industry experts project a continued explosion in the number of IoT devices connected globally, security remains a hot topic — at least partly because of the significant challenges it brings. Despite IoT being a relatively new industry, there have already been many high-profile security breaches. Perhaps the biggest example to date is the Mirai botnet in 2016, where thousands of devices, such as cameras and DVR players, were infected and a massive denial-of-service attack was launched. The attack affected major services on the internet, including many leading brands like Twitter, The Guardian, Netflix, Reddit and CNN.
Given the severity of this and other breaches, unsurprisingly security remains one of the top technical barriers to IoT implementation success according to a survey published by Gartner in 2018. Undoubtedly, insecure devices and related breaches can result in lost revenue, brand impact and liability for manufacturers and distributors. And, for some IoT applications in areas like healthcare, critical infrastructure and automotive, even human safety can be at risk.
Identity is key to security
IoT brings a new and intricate scale to securing devices as deployments can be large and distributed, and often include mobile devices. Although security remains at the forefront, the industry is still largely grappling with how best to secure IoT deployments. Deployments often undergo a complex manufacturing process with multiple steps and potentially many production lines. Because of these complexities, security is perceived to be difficult, often falling low on the agenda. And as manufacturers are driven to get products to market quickly to maintain a competitive edge, security is often deprioritized instead of ideally being built in from the start.
As a result, the IoT security discussion takes many forms, involves many possible components and still includes a fair amount of confusion. However, underpinning all IoT security schemes is one fundamental requirement: the essential ability to identify devices and services and ensure that they are, in fact, who or what they say they are. This seems simple, but can be detrimental to the protection and governance of an IoT ecosystem if overlooked.
A device identity can take a number of forms; sometimes developers use a piece of information that already resides in one of the existing components, for example, a network MAC address or serial number burned into a microprocessor, or even worse, a hardcoded password compiled into the firmware. These sorts of identities aren’t very secure, are easy to spoof and can’t be used to either guarantee the identity of a device or to secure communications between the device and a service.
Managing IoT complexity with a PKI
To enable a truly trusted ecosystem, each device must be authenticated with an embedded and cryptographically provable identity. If you can’t trust the identity of the device, then you can’t trust the data you receive from the device. This is where public key infrastructure (PKI) comes in. The main purpose of a PKI is to manage keys and certificates that are used to enable trusted infrastructures by enabling parties to mutually authenticate, to transmit data securely between each other and to prove that specific data genuinely came from the party that it claims to have come from. The same elements of trust are required to secure IoT. We need to trust that each device is the one it claims to be and that the device is talking to the appropriate service — both components want to know the communications between them are secure and that there has been no data tampering.
Once a device has a trusted identity, then all the other services and communications from it can be protected. For example, on a medical device, the personal health data being transmitted is sensitive, so it is important to encrypt the communications such that only the authorized healthcare provider can decrypt it. Those encryption keys can be delivered as part of the device’s identity.
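The contrast drawn above between a copyable identifier and a cryptographically provable identity can be shown in code. The following Go program is an added example, not code from the original article: a constructed root CA issues a certificate to a device named sensor-0001 (the names, the helper functions and the choice of Ed25519 keys are assumptions), and the service accepts the device only if the certificate chains to that CA and a fresh nonce is signed with the matching private key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// newIdentity makes a key pair plus a certificate binding cn to it; ca == nil yields a
// self-signed root. Constructed setup: a real device keeps its key on-chip and sends a CSR.
func newIdentity(cn string, ca *x509.Certificate, caKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	must(err)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature}
	if ca == nil { // root CA: signs itself and is allowed to sign device certificates
		t.IsCA, t.KeyUsage, ca, caKey = true, x509.KeyUsageCertSign, t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, ca, pub, caKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// Authenticate (service side) requires a CA-issued certificate AND a nonce signed by its private key.
func Authenticate(root, dev *x509.Certificate, nonce, sig []byte) (string, error) {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := dev.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return "", fmt.Errorf("certificate not issued by our CA: %w", err)
	}
	if pub, ok := dev.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, nonce, sig) {
		return "", fmt.Errorf("%s: nonce signature invalid", dev.Subject.CommonName)
	}
	return dev.Subject.CommonName, nil
}

func main() {
	root, rootKey := newIdentity("Constructed Demo Root CA", nil, nil)
	dev, devKey := newIdentity("sensor-0001", root, rootKey)
	_, cloneKey := newIdentity("clone", nil, nil) // a clone holds dev's public cert, not devKey
	nonce := make([]byte, 32)                     // fresh per session, so old signatures cannot be replayed
	_, err := rand.Read(nonce)
	must(err)
	fmt.Println(Authenticate(root, dev, nonce, ed25519.Sign(devKey, nonce)))   // genuine device
	fmt.Println(Authenticate(root, dev, nonce, ed25519.Sign(cloneKey, nonce))) // clone is rejected
}
```

The certificate itself is public, much like a MAC address or serial number, so it is the nonce signature that ties the claimed identity to the key embedded in the device.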
Options for implementing a PKI
Fortunately, there are several options for including this critical element of the IoT security puzzle. Many traditional PKI services are available or you may decide to build your own.
Many traditional PKIs were designed to support the delivery of certificates for websites to secure SSL, to deliver employee credentials enabling access to certain services — for example, only managers can access payroll data — to enable VPNs providing secured communications, or to manage building access control. PKI providers typically haven’t needed to design their infrastructure to scale to the levels required for delivery into IoT. IoT deployments can scale to tens or hundreds of thousands of devices at a time, such as CCTV cameras covering a large metropolitan area. Traditional PKIs also may not support the delivery of custom secured payloads, like secure applications, XML files or other data structures as per your security model. To be sure to choose the right provider, look for one that specializes in delivering device identities.
What about running it yourself? It’s possible, but it’s hard to get right and you are better off leaving it to the experts. There are complexities around running a PKI that require careful consideration. It not only requires a lot of infrastructure, including servers and hardware security modules, but also physically secure data centers with access control and policies. People need to be vetted and processes need to be put in place to ensure no single person can gain access to the keys.
So, now that you know the secret, the most important aspect of any IoT security scheme is that it’s built on the concept of a trusted identity. As identity underpins everything else, it needs to be included in the design from the start, and it should be built on proven trusted technology.
Amazon Prime devotees may not pay much attention to the by-the-minute, step-by-step updates to shipping statuses they can access about their purchases, but this is proof of the triumph of IoT writ large in everyday life. IoT has changed how goods are brought to market, and it has the potential to change the future of mobility even further.
A central component to economic growth is the movement of goods and people. As demographic shifts change where people live and work and the world’s population becomes more urban, strong transportation networks will be key to continued growth and prosperity for all nations and will have a blunting effect on inequality. IoT can help bolster the resilience of these transportation systems by offering real-time monitoring, adjustments to optimize the flow of goods and people, automation of some services and predictive analytics that can anticipate future needs. These efficiency gains will be all the more important because simply building more infrastructure will not solve the problems posed by rapid urbanization, lack of hierarchical roadway systems, increased motorization, poorly maintained or inadequately built infrastructure and a lack of overall resources. The future of mobility must include IoT capabilities that allow for the monitoring, regulation and logistical support to make a transportation network truly resilient.
Recent research by my colleague, Mariyam Hasham, shows some of the best uses of IoT can already be seen in transportation and logistics companies, where IoT applications are used to track and trace, for network efficiency and to reduce idle time. Real-time monitoring allows for better asset maintenance, and the use of predictive analytics can speed up turnover in supply and demand chains. For transport and logistics companies that have supermarkets and other retailers with a high turnover of goods, the benefits of just-in-time deliveries made possible by IoT reduce overheads and ensure optimum freshness of products. For customers who order a product online, 88% expect to have the ability to track their order from time of purchase throughout the shipping chain until final delivery.
Organizations that manage a fleet can take advantage of IoT capabilities such as intelligent dispatching, real-time incident response and asset monitoring. The logistical complexity of managing vast fleets across multiple countries and supply chains can be simplified by combining IoT applications that provide wide real-time monitoring. This leads to fluidly interconnected business systems that still allow for customization to meet specific fleet and customer needs. For example, transportation and logistics companies that transport perishable or fragile goods can use IoT technologies to continuously monitor and adjust temperatures without human intervention. This reduces costs incurred through spoilage or contractual failure.
By implementing IoT technologies, transport and logistics companies make their supply chains more resilient, improve their customer interactions, reduce costs and improve their efficacies. Additionally, these initial IoT systems will create the groundwork for city-wide systems that enable driverless cars, improved public transportation systems and a coming revolution in mobility services.