This is the first piece in a three-part series.
There is a lot of controversy in business circles as to whether organizations use AI technology for unethical purposes. This blog isn’t about that at all.
From a data scientist’s point of view, ethical AI is achieved by taking precautions to expose what the underlying machine learning model might learn that could impute bias. At first glance, latent features of the model or relationships between data may not appear to be biased, but deeper inspection shows that that the analytic results that the model produces are biased toward a particular data class.
Bias can be imputed through confounding variables
One of the most common misperceptions I hear about bias is “If I don’t use age, gender or race, or similar factors in my model, it’s not biased.” Well, that’s not true. Even though the same people holding this opinion know that machine learning can learn relationships between data, they don’t understand that there are proxies to biased data types in other features that are captured. These proxies are called confounding variables and, as the term indicates, unintended variables can confuse the model into producing biased results.
For example, if a model includes the brand and version of an individual’s mobile phones, that data can be related to the ability to afford an expensive cell phone — a characteristic that can impute income. If income is not a factor desired to use directly in the decision, imputing that information from data, such as the type of phone or the size of the purchases that the individual makes, introduces bias into the model. A high dollar amount on purchases can indicate that an individual is more apt to potentially make these types of transactions over time, again imputing income bias.
Research into the effects of smoking provides another example of confounding variables. In decades past, research was produced that essentially made the correlation, if your smoke, your probability of dying in the next four years is fairly low; that must mean smoking is OK. The confounding variable in this assumption was the distribution of smokers. In the past, the smoking population contained many younger smokers whose cancer would develop later in life. The older smokers were already deceased. Thus, the analytic model contained overwhelming bias and created a biased perception about the safety of smoking.
In the 21st century, similar bias could be produced by a model concluding that, since far fewer young people smoke cigarettes than 50 years ago, nicotine addiction levels are down, too. However, youth use of e-cigarettes jumped 78% between 2017 and 2018, to one out of every five high-school students. E-cigarettes are potent nicotine delivery devices, fostering rapid nicotine addiction.
The challenge of delivering truly ethical AI requires closely examining each data class separately. As data scientists, we must demonstrate to ourselves and the world that AI and machine learning technologies are not subjecting specific populations to bias.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Electronics manufacturing services providers who use conventional printed circuit board assembly and manufacturing models are scrambling to augment their production facilities to handle increasingly smaller boards like those used for IoT devices.
At today’s advanced printed circuit board (PCB) houses, savvy leaders are homing in on newer technologies and merging conventional surface-mount technology manufacturing with the newer microelectronics manufacturing. Why? Because sophisticated IoT PCBs demand a different breed of inspection and calibration to comply with extremely miniature dimensions and that’s where PCB microelectronics lives.
Take for example, the newer higher-powered laser microscopes introduced on the microelectronics assembly and manufacturing floor. These tools are tailored to perform inspection and calibration tasks that legacy PCB manufacturing systems cannot handle because they cannot deal with the minutest details imaginable. Those minute details are the cornerstone of microelectronics manufacturing.
Capabilities of advanced laser microscopes
Tools such as the laser microscopes, perform die or chip, epoxy resin and solder mask bleeding and air bridge inspections. They also calculate Z-axis dimensions and create 3D rendering. Why are these manufacturing tasks so important? All fall under the umbrella of assuring IoT device reliability and operational integrity. These highly advanced laser microscopes check for die surface defects, such as extremely fine cracks or miniscule chipping at the corners of a die. These scopes also quickly spot corrosion, contamination or oxidation.
It’s important to prevent floating die. In cases like this, miscalculating the amount of epoxy under the die for the die attach process results in epoxy resin bleeding. In other words, a die isn’t completely attached to the substrate. The microscopes verify that a poorly produced die attach doesn’t go any further in the IoT PCB manufacturing process.
Microscopes perform inspection for solder mask bleeding. This means the mask may bleed onto the pad where wire bonding is installed. The pad’s size may not be sufficient to perform the bonding. Again, these high-powered scopes inspect and verify this issue doesn’t exist.
The microscopes also inspect air bridges. An air bridge is the air distance created to bypass a component located between two other components. It connects a wire bond from one point to another and passes over the middle component.
Aside from inspections, microscopes calculate length, width and height in the Z-axis for dealing with height restrictions. Sometimes dies are attached in gold surface finish cavities, and they need to be precisely height controlled. This permits a perfect fit in those cavities before attaching wires via wire bonding after die attach. The high-powered scopes are perfect tools to view cavity length and depth and to perform height measurements in the Z-axis.
Finally, 3D rendering of the wire bond pads, substrate height or paste height provide microelectronics manufacturing technicians a clear visual. Technicians can calculate the length of the wire bonds, their loop curvatures and underfill thickness for the proper die attach and accurate wire bonding.
When it comes to IoT PCB microelectronics manufacturing, there should not be any question about the tools needed to achieve accurate inspections and calibrations.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
IoT is truly a ground-breaking innovation that affects everything in our lives — from kitchen appliances to major business operations. Things like GPS trackers, sensors and even everyday objects can all be embedded with electronics and internet connectivity to make them smart. These smart objects can connect to the cloud, be remotely controlled and communicate with each other. IoT paved the way for tech companies to create tailor-made solutions for business operations and daily challenges. The radical changes in sophisticated mobile devices, computers and advanced machinery were somewhat expected because of the speed of their development in recent years, but controlling the temperature of your coffee cup via your smartphone was a pleasant surprise for everyone. The ability to create vast networks of connected devices has already deeply affected every industry in the world, leading to IoT being widely considered a new milestone in technological history.
What the IoT Means for the Future of GPS
Although GPS technology has been around for decades, the emergence of IoT has reshaped the way we use GPS-based applications and devices. IoT technology enhances GPS devices to transmit data remotely and connect to other systems and sensors. Modern-day tracking devices can collect and transmit comprehensive vehicle data, including fuel monitoring, remote temperature monitoring and driver identification.
Take a look at some examples of how IoT connectivity can enhance the capabilities of GPS tracking technology:
Improving logistics and transport operations: The biggest challenge in the transport and logistics industry is the tracking of vehicles and where they are headed. Managing a fleet operation can be a logistical nightmare. With hundreds of moving assets and employees scattered across cities or even countries, it becomes almost impossible to keep track of their movements and plan efficient routes and provide customers with accurate ETAs. The introduction of IoT-enabled tracking devices completely changed the way fleet companies handle their business operations. Field managers now have access to actionable real-time information about their vehicles, giving them total control over their assets to optimize the performance of their workforce. Organizations can use real-time location tracking to make immediate changes to routes in the event of road closures or traffic and ensures they can respond promptly when customers require urgent services.
Providing solutions for people with disabilities: IoT has promising implications for the lives of people with disabilities. It can be frustrating to depend on other people to travel or take care of your daily needs. New innovations are developing rapidly to empower people with disabilities with the help of advanced sensors and IoT technology. Once a seemingly far-fetched idea, self-driving vehicles will soon be available to those unable to drive themselves. Personal GPS tracking devices offer a myriad of tools to assist people and ensure their safety, such as a panic button, event alerts and live tracking. GPS trackers with IoT-enabled sensors provide the necessary navigation tools when moving around and can scan the surroundings of people with visual impairments to direct their movements and keep them safe. Tracking devices also provide additional safeguards in the form of personal locators.
Tracking devices for parents: Losing a child is every parent’s worst nightmare, and parents have every right to be worried. The statistics on missing and abducted children show that our kids are very vulnerable to the outside world. IoT-enabled tracking devices are the best way to give parents peace of mind without restricting a child’s freedom. These devices create a protective barrier around children to keep an eye on them at all times. By drawing virtual fences around specific locations, such as home and school, parents can know their children are where they should be without having to actively watch the tracker. Tools, such as instant event alerts and an SOS button, can be lifesavers in emergency situations, giving parents the chance to rush to their child’s aid.
Safer driving with IoT sensors: Vehicle tracking devices reveal a surprising amount of information about our driving habits. IoT technology greatly improves a driver’s monitoring capabilities, with instant updates about their behavior behind the wheel. With sensors onboard, tracking devices detect and help prevent the driver from speeding, idling, harsh braking and other risky driving practices. For businesses with a fleet of vehicles, fleet management systems integrated with IoT and GPS technologies have unprecedented benefits when it comes to safety and security. With the driver performance reports provided by the management system, unruly drivers can be identified and encouraged to adopt safer driving habits through training schemes, warnings or rewards for safe driving. In emergency situations, managers can locate vehicles and drivers on demand to dispatch emergency services to the scene, potentially prevent serious injuries and reduce vehicle downtime drastically.
Superior asset monitoring: Transporting sensitive equipment and cargo is an extremely demanding undertaking. Perishable goods such as vegetables, baked goods and meat products must be kept in a carefully controlled environment when transported over long distances, which means they must be monitored around the clock. Traditionally, drivers had to complete this laborious process manually by inspecting the cargo at regular intervals. These days, field managers use GPS tracking devices containing IoT-enabled sensors installed into each vehicle at relatively low cost to monitor every vehicle and cargo hold simultaneously. Advanced sensors can detect any changes in the condition of the cargo hold and effortlessly transfer the data to the cloud. Field managers can check the state of their goods remotely — from anywhere in the world — and make necessary changes, such as adjusting the temperature and humidity settings or informing the driver about a malfunction.
IoT technology is spreading like wildfire throughout the world. It’s already had a huge effect on many aspects of our lives, and it’s still evolving. GPS-based devices and tracking systems have been considerably enhanced by the emergence of IoT-enabled systems and connected sensors. With IoT’s superior connectivity and the vast network of connected devices, technological marvels like self-driving vehicles, smart homes and even smart cities have become possible.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
More organizations in all industries are starting to use augmented reality glasses and software, but the bulky headset and premium price tag are major barriers to entry for most industries and job roles. Mixed reality glasses are on the rise, capitalizing on the plethora of AR uses and advancing business applications with sleeker and lighter form factors, advanced computing power and more capabilities. In fact, 68% of workers believe that MR will play an important role in helping to achieve their companies’ strategic goals over the next 18 months, according to a report that Microsoft commissioned from Harvard Business Review.
Today, more and more AR and MR technology is making its way into different organizations, including airline, automotive, engineering, architecture, field services and healthcare. Many companies use smart glasses or only AR software, but MR technology has continued to evolve, and the industry now expects full end-to-end packages that include both MR glasses and AR software for customers and employees.
MR is bringing forth a new era of hands-free human interaction. Users can directly interact with the surrounding objects or people while smart glasses display digital information in their field of view and connect users to remote experts. For example, workers could use MR glasses and advanced AR software for remote expert aid and 3D capture capabilities across industries.
Remote Expert Aid: A worker can rely on their live point of view through MR smart glasses to connect with a remote expert, while receiving live or audio instructions. This not only will improve troubleshooting by visualizing overlaid precise digital information, but will also allow the remote expert to see and guide workers through each step of the task. In the “Enterprise Training with Augmented Reality” white paper, Re’flekt researchers found that AR instructions overlaid in 3D resulted in an 82% reduction in the error rate for assembly tasks, 50% faster task performance and 60% increase in learning time. Live instructions could help in urgent cases, such as if a nurse is aiding a patient and needs to call a doctor for assistance, they can easily stream their live point of view to a remote healthcare expert for additional help. Airline workers can save data on any work processes for future reference or audio instructions, such as fixing a wing electrical system.
3D Capture Capabilities: While on site, workers can generate an accurate 3D computer-aided design model of anything they are working on or looking at, whether that is an onsite location or piece of machinery. Along with capturing accurate models, workers can overlay existing designs or instructions on top of machinery to have everything they need in their immediate line of view. They can then easily save all 3D-generated content for future reference in a secure database. Railroad workers can apply the technology to wayside track device locations, such as finding track signs or markers at their expected, predefined geolocation. Logistics workers can use the tech to generate an accurate 3D model of a package or scene during the logistic process.
MR technology streamlines communication to save money and give workers within the organization the resources they need to maximize productivity, improve key performance indicators and improve worker safety.
Gartner has said there will be 20.4 billion IoT devices deployed by 2020. The truth is, no one knows the exact number. It’s possible the total will be even higher.
This proliferation could lead to unprecedented challenges in sending data to devices and back to the cloud for analysis. The sheer volume of data can escalate costs quickly and even create high-latency that prevents devices from working, especially those that require rapid data processing.
Enter edge computing, which brings cloud resources closer to devices. Edge computing provides local data collection and processing, without traversing the internet to reach a distant central cloud or data center.
Organizations that adopt edge computing must consider an optimal mechanism for transferring data in the most resourceful and cost-effective way possible, tailored to their specific requirements.
For IoT deployments to succeed, organizations need an efficient process for delivering new applications, features, updates and security enhancements to potentially huge numbers of geographically dispersed embedded devices.
Many existing in-house updates push a copy of the device’s entire disk image — often referred to as a firmware blob — each time the device needs an update. This practice can result in huge costs, both in terms of time and bandwidth, especially for devices using cellular connectivity.
Thankfully, an alternative exists to reduce the amount of data transferred. Snaps, the universal Linux application packaging format, can use delta updates, an important capability that transmits only the differences between the new snap and the previous one. In many scenarios, such as a minor update to a single software library, the organizations can save much more bandwidth compared to the traditional firmware blob method when deployed at scale.
Two examples of organizations that decrease their bandwidth consumption are Rigardo and Dell Edge Gateways. Rigado, a global provider of commercial IoT edge-as-a-service, offers a containerized application platform and a variety of wireless connectivity options. Dell Edge Gateways analyzes data at the edge of IoT networks.
As the world heads towards the billions of IoT devices predicted by Gartner, the savings will grow to higher rates as more IoT developers embrace continuous delivery best practices already popular in cloud applications.
Smart home devices, such as connected cameras, speakers and thermostats, are proliferating. A second-quarter of 2019 survey from Parks Associates reveals that 28% of U.S. households own at least one smart home device. These owners have an average of six smart devices, double the average amount from two years prior.
About two-thirds of device owners install the devices themselves, according to the survey. These installations are not without challenges, including physical installation, internet connectivity and configuration. Homeowners increasingly expect a streamlined installation. When problems persist, about 20% of users return the device — a lose-lose situation for consumers, retailers and device vendors. The cards that you find inside packages with a phone number to call before you return the product are a proof of the cost.
After a successful install, devices require periodic maintenance. For example, alarm companies offer device warranty contracts on top of the monitoring contract. Discussions with service providers reveal the primary reason home owners call for service is low battery. Who hasn’t had a smoke alarm start beeping at some point, often at an inconvenient hour? The second most popular call for service is a device that is offline, often because of a dead battery. The service contract obligates the provider to send a technician, even if it is just to replace a battery. These service calls come at great expense to the providers, which increase the cost of the service contract.
Any time spent on smart device installation and maintenance is not a happy time for anyone. At home, consumers want to spend time with family and pursue passions, not replace batteries. Installation difficulty is one barrier to greater adoption of smart devices in both home and business. Of course, not all devices are created the same. A smart speaker might be easy to install. A smart thermostat might be more difficult. Installing a wired security camera might even require routing wire behind sheetrock or drilling through existing infrastructure to ensure you have optimal coverage, which is not your typical weekend DIY project.
Smart device configuration and internet connectivity problems are receiving a lot of attention from users and vendors. One option is to send consumers and businesses pre-configured devices. For instance, some users already own an Amazon device. When they buy another, Amazon might preconfigure it with the stored Wi-Fi password. Another option is to offer apps that walk users through the configuration. Other vendors offer video chat or video tutorials. Organizations, such as Handy or HelloTech, offer on-demand, on-site configuration.
Long-range wireless power technology emerges
The physical installation problem is as important as the device configuration issues. With long-range wireless power technology, we now have an opportunity to rethink both the installation and the service of smart home devices. The technology can entice new end-users and simplify the life of existing users.
Long-range wireless power is designed to charge smart devices without wires or direct contact with a charger. An energy transmitter connects to a power outlet and emits energy, such as RF energy or infrared light. A wireless receiver captures this energy and converts it back into electricity. Owners of newer phone models might be familiar with the term wireless charging in the form of Qi wireless charging pads. Long-range wireless is more optimized for devices, such as smart locks, sensors and alarms. It does not need the device to be placed on a charging pad.
The effect of long-range wireless power on device installation cannot be understated. With the right wireless technology, a power cord is no longer required for smart devices. Installing power cords can be a big issue for some smart devices. For instance, indoor security cameras are often installed high in the room. Routing a power cord from an outlet to the camera can be cumbersome. Hiding the cable in the wall might be an expensive process. In some situations, such as apartment rentals, co-working spaces or rented business offices, renovation work could violate the terms of the lease.
Without cables, the end-user can place a wireless indoor camera anywhere. The power source can be on another side of the room without cables or mess and with little effort. Battery-operated cameras often offer reduced functionality to preserve battery life. With wireless power, vendors don’t have to trade convenience for functionality and can continue to provide the same feature set as wired cameras.
Long-range wireless power also offers significant improvements to the maintenance of smart devices. Batteries never need replacement, and devices are always online. Wireless power creates convenience and eliminates the need for most technician visits. Manufacturers of battery-operated devices work hard to reduce the frequency of battery replacements, which often comes at the expense of power-hungry features. Manufacturers can add back energy-demanding features because wireless power gives them the energy needed.
This is the first in a two-part blog series.
Many of the devices we interact with on a daily basis are advertised as smart — even hairbrushes, forks, and water bottles. However, most of these smart products do not currently have the capabilities to provide significant advantages aside from collecting data about how often you drink water or brush your hair. On the other hand, smart products for commercial and industrial organizations can improve operations and bottom lines.
The case for smart devices
There are already more IoT devices than there are people on Earth, and that number will increase in the years to come.
Early generations of smart computing systems were generally bulky and required centralization and protection in designated rooms. Recent innovations have resulted in many powerful devices with smaller footprints, minimal power consumption and easier installations that improve features, including environmental monitoring and predictive analytics.
For the Industrial Internet of Things (IIoT), vendors have developed smart sensors that can perform a multitude of functions, such as monitoring temperature and pressure or flagging early warnings of trouble in unstaffed locations.
In addition to these capabilities, a major plus of modern IIoT technology is the ubiquitous adoption of wireless devices and battery operation. These advancements let users rapidly and economically deploy sensors with easy installations and minimal downtime required for launch.
Once smart devices have been installed, IT professionals can find true value by transferring data to cloud-based supervisory and analytical systems. These systems provide actionable insights for users to establish a preventative or predictive maintenance program. With these types of programs, technicians can respond as quickly as possible when a problem such as an air conditioning failure or a water leak arises.
There is a catch with smart devices; they provide vast amounts of raw data without context, making it a necessity to pre-process this data and boil it down to the essential information. In some cases, smart devices must perform analytics at the edge. In the field, these smart sensors often live at the extreme edge of the network, far past what traditional networking capabilities can access. Organizations have found the best practice is to process and analyze device data at the edge because there is too much lag time when sending valuable information to and from the cloud.
In my next article, I’ll discuss some logical steps for establishing an edge computing architecture, ideally suited for processing raw IIoT data to produce useful results from your smart devices.
As the IoT ecosystem expands deeper into our personal lives, smart healthcare technologies open up an array of applications that will improve the quality of care received and contribute to a growing IoT healthcare market. For example, healthcare organizations are rapidly deploying connected technologies, including Alzheimer and dementia patient tracking, fall detection and medical fridge monitoring. Grand View Research projects that in 2022, nearly $410 billion in investments will go towards IoT devices, software and services in the healthcare industry.
Long range and low power technology — such as LoRa devices and LoRaWAN protocols — plays a critical role in healthcare IoT applications and have many applications. LoRa deployments’ flexibility to suit the various needs of healthcare providers can equip facilities to meet the demands of providing care.
Let’s dive into some examples.
The Centers for Disease Control and Prevention noted that in 2015, the medical cost of falls in the U.S. totaled $50 billion, with an average hospital cost of $30,000. For the elderly, falling is more than just an economic burden. A fall in an isolated environment with limited access to help is a very scary prospect that prevents many elderly from leading an active, normal life. Fear of falling can accelerate depression and decrease social activities leading to an overall lower quality of life.
An IoT-based fall detection technology comprised of LoRa devices and LoRaWAN protocol could give healthcare providers an intelligent low power wide-area network that will reduce the time elderly remain on the floor after a fall. When a patient falls, the device sends a signal to the caregivers, who can immediately respond no matter where they are within the network thanks to the data provided. The LoRa-based system can also send periodic updates on the location of patients. Sensors can be connected from 15 to30 miles away in rural areas, giving ease of mind to the loved ones of dementia patients and Alzheimer’s disease patients who are prone to wandering.
When a personal refrigerator loses power, the worst thing that can happen is groceries spoiling. The healthcare industry faces dire consequences if a medical refrigerator fails. Medical refrigerators often carry important medications, vaccines and blood donations that are sensitive to temperature fluctuations and must be kept at certain temperature levels. The organizations tasked with storing these items cannot afford to use unnecessary amounts of energy or replace sensors in remote locations, so it’s also critical that the technology they use is low power. Low power devices can be difficult and costly to replace.
With LoRa devices and the LoRaWAN protocol, medical refrigerators can be monitored past working hours, providing the necessary information for an appropriate response by healthcare professionals. In the past, professionals manually monitored refrigerators, which was both time consuming and prone to user error. With LoRa devices and the LoRaWAN protocol, facilities can monitor whether a refrigerator is failing, figure out how long it has lost power and determine if the temperature is still suitable for the contents inside and safe for patient use.
If you do any reading today about the priority initiatives that organizations focus on, you’ll quickly come across discussions about innovation, digital transformation and emerging technology. Although you could easily toss these all out as industry jargon or buzzwords, there are true business advantages behind each one. Increased competitive pressure and consumer expectations mean organizations must uncover every possible growth opportunity and open new lines of revenue.
As a result, many companies have explored new ways to improve their business over the last few years, and have even deployed trial programs with emerging tech, such as IoT. Vodafone found in a survey that 34% of companies use IoT in some capacity. Simply deploying a pilot or test run of IoT within your organization is just scratching the surface. IoT technology has been revolutionizing industries and has even created new ones. Look at how we commute or use transportation today — IoT has transformed the shared transportation industry. For example, consider connected scooters, bikes and ride-sharing vehicles, which have changed how we get from point A to point B.
Nearly one-third of companies use IoT in some capacity and likely deployed the technology with a specific goal in mind. With the power to transform industries and have a disruptive effect on business, organizations using IoT must know how to move beyond the initial idea and turn it into widespread change. The reality is 84% of IoT adopters report growing confidence in IoT, according to Vodafone’s 2019 IoT Barometer, with 83% enlarging the scale of deployments to take advantage of full improvements. How can businesses dive in and take full advantage of IoT? Organizations can put key steps and strategies in place to take their IoT implementations to the next level and go from IoT ideas to IoT success.
Investigate existing IoT technology
Now is the time to take advantage of IoT technology and integrate it with existing infrastructure. Off-the-shelf services provide quality mechanisms that even the most sophisticated organizations use to receive the best possible ROI and user experience.
In some cases, existing technology offers a quick and low-risk alternative, especially in cases such as smart light or other digital building mechanisms. Even IoT-enabled security systems are being bought as a plug-and-play technology. These IoT mechanisms can be retrofitted, tailored and customized to fit the needs of IoT services.
Explore your connectivity options
To guarantee the best IoT implementations, you must explore your options. All IoT applications come with a different set of requirements, which means there are many different paths to take. The goal remains the same — to implement projects quickly and provide a better end-user experience.
This is why so many organizations use a range of connectivity options for their IoT projects. The Vodafone IoT Barometer identified the most commonly used options, including cellular, which is used by 76% of adopters; Wi-Fi, used by 69% of adopters; and a fixed line, used by 33% of adopters.
Get ready for 5G
5G is the future, and its improvements go beyond expectation. Not only does it support high performance, but also improved security, more credentialing options, improved quality of service management, more specialized and tailored services and drastically decreased latency that cuts transmission delays to mere milliseconds. Currently more than half of adopters consider using 5G.
Build on your experience
Companies generally start with a planned use for IoT when they adopt it. Often the popular uses are easier to implement, such as using IoT for improved efficiency. Once you experience the opportunity that IoT provides, it’s important to recognize how to gain additional enhancements.
The possibilities become endless. For example, organizations now use IoT to detect specific events, such as an impact or a leak. It doesn’t even require new hardware, sometimes just synthetic sensors. Building on your experience will aid in your organization’s continued growth. Eventually you won’t be concerned about cost-savings, and have more time to focus on revenue growth.
Get the expertise you need
It takes a dedicated team to implement IoT, whether it’s built internally or hired externally. Even with internally dedicated teams, don’t be afraid to work with third party specialists. 53% of organizations with dedicated internal teams still use third parties because they don’t have the expertise to do it alone. 60% of all surveyed adopters rely on third parties for IoT expertise. When you expand upon your IoT implementations, it’s important to have the necessary support to guarantee success.
Build security in from the outset
Security is a beast that needs to be tackled, but it’s not a reason to reject innovation. If you build in security from the beginning, it doesn’t have to be a barrier. Organizations can use third-party partner ecosystems to implement strong security and data management mechanisms. If that isn’t enough, you can take a range of measures to improve the security of IoT devices, such as training your staff or testing IoT devices during the development phase. As organizations do more with IoT, their confidence in security tends to grow. IoT is expanding and that will only continue. Companies that implement IoT will see that it’s easier than ever to get started and that there are advantages throughout the journey.
The ability to connect devices is becoming the standard across all facets of technology. We are seeing this in everything from smart cities to tea pots and toasters. New IoT devices are popping up daily, rapidly adding to the 23 billion that already exist. These devices are designed for availability, accuracy and efficient work. Unfortunately, unprecedented numbers of these devices are hitting the market with poor security access control and little to no management oversight, making them a prime target for cyberattack. The goal of an attack is to control the device, but more common and concerning are the new ways an attacker can use devices to gain access to corporate, medical or operational networks. As a result, organizations must change the way they approach their security controls. It is no longer feasible to assume a security team can find every endpoint device, much less secure them.
The concept of predict, prevent, detect, respond are not new and are commonly seen within security frameworks. There is an imbalance of investment in prevention, which creates exposure when these defenses fail or get bypassed. With the proliferation of IoT devices that lack necessary security controls and governance, they create new risks that must be addressed. Organizations must address the cyber battle inside the network and focus on scalable early detection and programs that efficiently respond to successful infiltration.
IoT is a challenging, top-of-mind concern for defenders. In a recent Attivo Networks survey of more than 450 cybersecurity professionals, one-third of respondents reported securing specialized environments, such as IoT, as a top concern. Post-survey discussions indicated these concerns were based on lack of visibility into devices added to the network, ability to change or control passwords, ability to patch devices and lack of awareness when these devices were being misused. In the case of medical IoT, it is often illegal to make changes to these devices based on the concern that any post-factory adjustment could alter the operation of the device and potentially negatively affect patient safety.
Here are some of the most common threats facing these highly targeted attack surfaces and tips on how to guard against them:
Protecting specialized networks
Specialized networks have become increasingly common as the need for interconnected communications and on-demand services soars. A wide variety of industries are rapidly adopting interconnected devices in the forms of SCADA, IoT and point of sale, which can be useful for delivering services, recording activities, relaying medical information and financial transactions. Growth in this area shows no sign of slowing, with an estimated 50 billion connected IoT devices expected by next year. The growth means potential new entry points for attackers.
Default passwords use is one of the most common exploits used to attack these networked devices. Easily compromised access credentials continue to plague devices, as far too many manufacturers continue to ship them with a single default set of credentials that either don’t require a change at initial setup or don’t provide an option to change them. This renders a massive number of devices susceptible to infiltration by anyone who can obtain that default username and password, leaving them vulnerable to the same type of attack that gave rise to the Mirai Botnet, one of the most pervasive pieces of malware in history.
Why do common household items like lightbulbs require certification, while IoT devices are not held to any standard? The answer is inherently conflicted in its need to balance competing priorities of safety and innovation. Some steps have been taken to address this issue, and responsible manufacturers now ship their devices with unique passwords so that one set of credentials cannot be used to compromise thousands or millions of devices. Some states, such as California, have passed legislation to codify this practice into law. Federal legislators are also discussing IoT security regulations. However, regulatory progress moves slowly. Regardless of compliance or laws, individuals and organizations should be proactive in managing risk by adding the requirement to automatically change default passwords when they begin using any device.
Finding and updating assets is another problem that plagues organizations with IoT devices. With the rate of innovation, many devices quickly become outdated, and it is difficult to find and install updates. Others in use for extended periods may simply stop receiving updates from the manufacturer at all. Once this happens, it is unlikely that any newly found vulnerabilities can be patched, making them appealing targets for attackers.
Organizations can combat this situation by implementing an effective lifecycle management plan for all connected devices. Establishing controls to know where devices are and when the manufacturer no longer supports a device can mitigate risk. Properly vetting suppliers and purchasing from companies that provide password management flexibility and effective maintenance plans that align with one’s business models can also address this issue.
Infrastructure represents an increasingly attractive target
U.S. National Intelligence Director Dan Coats recently said that “the warning lights are blinking red” when it comes to infrastructure security. January’s Worldwide Threat Assessment indicated that foreign powers are capable of launching substantial damage to infrastructure and public services by targeting power grids, industrial machinery, and other connected systems.
Outdated equipment is a major issue when it comes to infrastructure security. Many industrial control systems (ICS) predate the internet era, and updating them may not be an easy option based on antiquated operating systems or the inability to obtain downtime for patch management. ICS are also challenged as they sometimes lack physical boundaries for protection. Many don’t possess monitoring abilities and can create additional risks when policies and procedures are not designed with securing ICS devices in mind. Mistakes can also occur in operations, configuration or as the result of unintended human error leaving these devices vulnerable for exploitation.
The human element remains a difficult and persistent problem to solve. Phishing schemes and other human error-based attacks are common throughout many industries, but can be particularly damaging if an attacker gains access to a fuel sensor, traffic control system or power grid. Damage to these networks could result in widespread power outages, traffic mismanagement, and other disasters with the potential for catastrophic loss of life.
Organizations can lower this risk with proper employee training and screening, and adding in detection security controls that alert on policy violations and misconfigurations. This will pick up both unauthorized employee use and when an external threat actor poses as a real employee and uses their credentials to gain unauthorized access.
Visibility and detection
The proliferation of internet-connected devices has inspired many new services and offerings, but it also represents potential risk. Although there is no silver bullet security fix, adding the ability to quickly detect and respond to unauthorized activity quickly is now fundamental to every security program. There are several options for detection available today. Some are based on a database lookup, traffic or behavioral analysis, while others are based on deception technology. Each has its merit, though many have shortcomings related to their ability to operate effectively for operational technology.
Deception technology is quickly separating itself from the pack as a commonly deployed detection control. The technology provides visibility to assets being added to the network, attack paths and policy violation activity. Decoys that mirror-match production assets also prove to be an effective way to confuse, slow down and detect attackers early in the attack cycle. Deception platforms are tackling access management and authorization challenges by planting deception credentials and fake application servers to detect credential theft and unauthorized use of legitimate credentials.
Although the use of commercial deception technology is still fairly new, it is now recognized for its ability to simplify detection and response. Engagement-based alerts that are inclusive of adversary intelligence and forensics take decisive action in case of an incident. Given its accuracy, hours are saved by correlating attacks, automating incident response actions and accelerating remediation. Organizations may also implement the technology’s abilities to engage an attacker for more insight into intent, counterintelligence, and building preemptive defenses.
Regardless of attack surfaces that may emerge, or existing ones that may evolve, organizations must adopt new approaches to cybersecurity controls and frameworks to mitigate incoming risks. It is unlikely that the pace of innovation or the hunger for access and services will subside. Legislation will help, but compliance will still never ensure security. With this in mind, defenders must be prepared for today’s borderless networks by adding in network visibility and the tools to detect intruders early, understand their adversaries and respond quickly to any attack originating from any attack surface.