More devices, more connections, more user demands, more complexity
The mobile, social web has grown to include millions of users, devices, and connections around the world. The Internet of Things (IoT) has added billions of devices and connections to the mix. Predictions for the number of connected IoT devices in 2020 range from 20 to upwards of 50 billion.
Those devices range from sensors to smart speakers to break room coffee makers to warehouse security systems. And more are coming, to consumer, commercial, and industrial markets. Business advisors at Accenture have estimated the Industrial Internet of Things (IIoT) alone could add $14.2 trillion to the global economy by 2030. “Arguably the biggest driver of productivity and growth in the next decade, the Industrial Internet of Things will accelerate the reinvention of sectors that account for almost two-thirds of world output.”
The growth of the IoT and IIoT are not only transforming activities and functions from agriculture to healthcare. The IoT and all of its variants present multiple opportunities and challenges to every IT decision maker at every business.
The Internet of Things (IoT) and IT: Opportunities and Challenges
CompTIA is a leading IT industry membership association. In its IT Industry Outlook 2018 report, the group cites the IoT as one of 12 “2018 Trends to Watch.” And the group’s research offers a solid summary of the IoT’s potential benefits and challenges to IT management.
“IoT devices are rapidly making their way into corporate spaces. From gathering new data to automation of infrastructure, companies are finding many benefits from adding connectivity and intelligence to physical infrastructure. Unfortunately, the relatively low cost of IoT devices is not reflected in the cost of system maintenance and optimization. Adding digital capabilities to everyday components drastically increases the scope of IT responsibilities. Additionally, new skills are needed for the different types of data streams being generated and the advanced analysis that companies want to perform. Automation will certainly help ease these burdens, but IoT strategies will still further complicate the already-difficult redefinition of the IT function.”
IoT devices are already performing multiple tasks at business facilities of all sizes and types. Connected coffee makers and microwave ovens are controlled via smartphone apps in break rooms. Smart video monitors display information to employees and visitors. Connected video cameras make conferencing more accessible and flexible.
All well and good. Except that too many so-called “smart” devices have little or no built-in security. Many don’t even have accessible, modifiable passwords. This makes them difficult if not impossible to incorporate into the cyber security protections at a business.
Further complicating the security challenge is the “rogue IoT” problem. IT teams are constantly challenged by “rogue” or “shadow” deployments of IT resources by users. Almost anyone with a credit card and online access can spin up a cloud-based application or complete virtual computing environment, without the knowledge or permission of the IT team. Similarly, almost anyone can bring an IoT device to work and connect it to a corporate Wi-Fi network, without asking or telling anyone in IT. And if IT doesn’t know about it, IT can’t secure or manage it.
No wonder, then, that IoT devices are a prime target for hackers looking to disrupt legitimate networks. Typically, an attacker will use malware to ensnare poorly secured IoT devices into “botnets” of hundreds or thousands of nodes. These botnets are then used to hobble targeted networks with distributed denial-of-service (DDoS) attacks, infect and enslave more devices and computers, or both.
The IoT: How Best to Prepare?
The two most valuable steps you can take to prepare your IT estate for the IoT are to implement comprehensive discovery and IT asset management (ITAM). You must be able to know about everything connected to your network. You must also be able to know about every new attempt to connect to your environment, by any type of device.
Your discovery solution must also be able to capture and document information about the relationships that link devices to each other, your services, and your users. And your discovery solution must monitor your environment constantly for unknown devices and unauthorized connection attempts.
Your ITAM processes and solutions must take full advantage of the information generated by your discovery efforts. Your ITAM efforts must use that information to respond automatically to unauthorized connection attempts, from within and outside your environment. Those efforts must also immediately flag and isolate any connected device that does not meet minimum security requirements at your business.
As your IT estate expands and matures, your discovery and ITAM solutions should integrate seamlessly with your chosen IT service management (ITSM) solutions and processes. And all of these efforts must be closely harmonized with cyber security initiatives at your business. (A recent webinar co-hosted by Virima and follow-up address the bringing together of IT and cyber security operations and management in detail.)
The IoT and IIoT are already changing the world, and are likely already changing or poised to change IT at your business. By implementing effective discovery and ITAM solutions and processes, you can embrace the changes that can help your business, while avoiding the challenges that can hobble it.
Get Your Discovery and ITAM Efforts “IoT-Ready” with Virima
Virima’s solutions for IT asset discovery and IT asset management (ITAM) have the features you need to take advantage of IoT developments while protecting your business from IoT vulnerabilities. Virima solutions can automatically discover and map your critical IT resources and the interconnections that link them to one another, your applications and services, and your users. In addition, they’re built to be easy to use and configure, and to produce useful, actionable reports about your IT environment, for IT managers and business decision makers. These features can help you and your IT management team work more closely and effectively with your cyber security counterparts, to maximize both the flexibility and security of your IT estate.