I believe the Internet of Things (IoT) has reached a tipping point where we will soon see the pace of connected devices accelerate. I say this because when I talk to organizations about their digital initiatives, they are connecting “things” without ever saying “IoT” or thinking about it as a separate thing. Markets hit mass adoption when things are no longer the exception, but rather the norm. Consider the Internet as an example. At one time it was an afterthought in an organization’s strategy and now there’s no company that would do anything without considering their Internet strategy. Similarly, in a few years we will just assume everything is connected. We are so close to having this be the new normal.
Data from ZK Research bears this out, as only 10% of companies have no plans for IoT. The rest of the 90% are somewhere between researching and deployed with 32% currently testing or in production. However, there is one roadblock that stands in the way and that’s solving the security challenges. Another data point from ZK Research found that 71% of respondents to a survey cited security as the top inhibitor to IoT. The security challenges are multi-dimensional and often include overlooking physical security, a lack of awareness of what devices are on the network, understanding what new tools are available, and making cybersecurity simple.
Complimentary White Paper Download: Overcoming IoT Security Challenges
Overcoming IoT Security Challenges
One of the keys to closing the IoT security gap is to find the right security vendor or vendor(s). I’m not a believer in trying to cobble together a bunch of point products from a bunch of disparate vendors. ZK Research found that the average number of security vendors is 32 today and I’ve seen some analyst reports that peg this number in the 70s. Whether there are 10, 30, or 70 the fact remains that MORE vendors doesn’t necessarily mean you are more secure. In fact, it likely means more complexity, which leads to the environment being less secure.
The term “end-to-end” is used very liberally by vendors and there are a couple of tests to determine whether the portfolio is truly end-to-end or a bunch of acquisitions cobbled together. A true end-to-end solution would have a high degree of automation to speed up a coordinated response to threats. Also, the performance across the product line should be consistently high instead of having some devices perform well and others poorly.
Once the vendor is chosen, deploying the technology still isn’t “plug and play”. Implementing IoT can be a highly complex process that many organizations aren’t equipped to handle because of a lack of skills, time and resources. Unless the organization has gone through several IoT deployments, it’s likely there is a gap in the skills required to make the deployment a success. A strong service partner can help close the skills gap across every phase of the project life cycle, including the following:
- Planning: Ensure business goals are aligned with IT deployment strategy and identification of security risks up front.
- Design: Map the capabilities of a security solution to IoT risks and plan for the unexpected.
- Implementation: Ensure the security is deployed correctly. With IoT creating so many new entry points, this is critical to securing the business.
- Operation: Audit processes and optimize the deployment of the technology. Regular audits must be conducted to find new security risks and remediate them before they become issues.
Services can be deployed in two different ways. For businesses that prefer to maintain control of their security operations, the services partner can provide skills to augment the organization’s own team. For example, a company may have the necessary skills to create a plan, but lack the talent and best practices to deploy it. In such cases, the service partner can help with those tasks to ensure success. Business leaders who wish to focus on their core operations and offload all security operations can leverage a managed services -provider to take over security operations.
You May Also Like: Four Steps to Staying Secure
As is the case with vendors, not every service partner is the same. When selecting one, ensure it has a proven methodology based off something like ITIL (a set of best practices that focuses on aligning IT with business requirements). This will ensure predictable and high quality results that should be repeatable. Also, vertical knowledge is extremely important to drill down on specific business requirements to ensure that business outcomes are realized regardless of a company’s compliance, regulatory or other needs. A good example of a services company that has partnered with a technology vendor is Carousel, who has a deep, long lasting relationship with Fortinet. This ZK Research report provides a detailed look at how the two companies work together to ensure its customer are successful with their IoT deployments.
In addition to the security challenges, Carousel can help with many of the network, cloud, and other infrastructure issues with IoT. The key is to use a company like them to fill the talent gap created in this fast moving, ever-changing market.
The IoT wave is coming and coming fast and businesses need to prepare to handle the influx of literally billions of devices. If security is a concern, and it should be, the challenges can be overcome by choosing the right technology partner who is supported by a high quality services partner.