In this special guest feature, Sarah Lahav of SysAid Technologies discuses how the Internet of Things (IoT) will forever change the IT industry and what to prepare for. As the company’s first employee, Sarah has remained the vital link between SysAid Technologies and its customers since 2003. She is the current CEO and former VP of Customer Relations at SysAid – two positions that have fueled her passion in customer service.
The Internet of Things (IoT) seems to have been a long time coming. However, we are now at the point where most enterprise IT organizations need to finally prepare themselves for IoT – from both a security and IT management perspective.
From an InfoSec perspective, there are a number of concerns to consider and address:
- IoT device volumes. It’s the security of a whole new breed of network-connected end points – particularly given the media’s increasing interest in high-profile, blue chip company security breaches.
- Data security. There will probably be insufficient security functionality embedded within the IoT devices, at least for now, due to a lack of local resources or capacity. Instead, security might need to reside within the web service in front of the device.
- Message integrity and secure communication. The route that data takes from the IoT device to its ultimate destination might be an issue. For instance, the route might be via a local data collation hub – with the potential for sensitive data to be stored in insecure locations the concern, along with transmission-based security needs.
- The use of third-party cloud service providers. It’s a likely necessity, given the potential volumes of machine-to-machine (M2M) data. There’s nothing new for enterprise IT organizations here – it’s the risks associated with things such as scale, identification and authentication, data access, and legislative boundary restrictions.
- Data privacy. As with anything related to data these days, IoT-related privacy risks need to be considered and addressed. As IoT devices collect and aggregate data related to their operation (and ultimate business purpose), the collection and collation will create larger data sets that will no doubt lead to concerns about data privacy. This is again nothing new for enterprise IT organizations; it’s just another facet of the Big Data challenge they probably already face.
From an IT management, and IT operations, perspective there are a number of changes to consider and address:
- Scale and capacity. IT operations teams will need to tackle capacity-related issues such as network and IP address management – having to meet the massive demand for more IP addresses and increased data volumes.
- Tighter business relationships. Enterprise IT organizations will need to look beyond traditional IT capabilities, such as availability and capacity management, to work closer with business colleagues on how these now-connected devices do, can, and will tie-in to business operations and business models.
- Data analytics. Not only will the IoT devices necessitate the availability and capacity management scale-based change, there will also be new Big Data analytics needs related to the wealth of new devices connected to the network and the data they transmit.
- More service management. Service and fault management will no doubt increase the workloads of already under-pressure IT support groups. There is also a loop back to the cloud security issue, with the IT pros responsible for managing third-party cloud services needing to not only monitor cloud service levels and costs but also the adherence to security-based contractual terms.
- Increased automation. We’ve already seen the growth in enterprise IT automation, and not just in the traditional automation of repetitive, and labor-intensive, data center tasks. This reduces the need for manual processes and therefore the need for people. As the need for IT management capabilities in the new world of IoT far exceeds an IT organization’s existing manual capability, the need for automation can only increase.
Thus IoT will dramatically change enterprise IT organizations and its people – with the latter subject to volume, skillset, and potentially mindset change.
Sign up for the free insideBIGDATA newsletter.
I agree that “As IoT devices collect and aggregate data related to their operation (and ultimate business purpose), the collection and collation will create larger data sets that will no doubt lead to concerns about data privacy.”
Many organizations may not even know what sensitive data they collect into Big Data from different IoT sources. There is also shortage in Big Data skills and an industry-wide shortage in data security personnel. I think that many organizations shortly will be struggling with a major big data barrier:
1. I think a big data security crisis is likely to occur very soon and few organizations have the ability to deal with it.
2. We have little knowledge about data loss or theft in big data environments.
3. I imagine it is happening today but has not been disclosed to the public.
Big Data technology vendors up until recently have often left data security up to customers to protect their environments, as they too feel the burden of limited options. The good news is that Several Big Data vendors have now partnered with data security vendors to help fill this gap in skills and security tools.
Ulf Mattsson, CTO Protegrity