Technology professionals walk a perpetual tightrope between innovation and security—new computing paradigms emerge and IT security scrambles behind to catch up. Nowhere is this more evident than in cloud computing and the rising frequency of data breaches targeting cloud infrastructures. And as computing enters another transitional epoch—namely the age of the Internet of Things (IoT)—similar challenges are emerging, but with much more at stake this time around.
These concerns and others around the consumerization and widespread adoption of IoT were the focal points of UpGuard’s 6th podcast episode: IoT with Phil Bosua and Phil Kearney from Soraa. The two Phils were gracious enough to stop by and provide their expert opinions on the matter.
And experts they are: Bosua invented the LIFX connected light bulb, and Kearney—a longtime Apple innovator—is the father of Qualcomm’s AllPlay smart media platform, Apple AirPort Extreme, Express and Time Capsule, among others. Be sure to take a listen for some key insights around the state of IoT.
Peak of Inflated Worries?
Per Gartner’s technology Hype Cycle, IoT is currently at the “Peak of Inflated Expectations.” In other words, IoT is now considered the best thing since sliced bread. Or the connected toaster that tweets you before burning the toast. The world is enamored by the notion of automated, “smart” devices and appliances, but can it sustain the fallout of IoT-driven economies gone wrong? With more and more enterprises deploying IoT/M2M devices to manage supply chains behind the scenes and the self-driving car just on the horizon, there has never been a more opportune time for pondering such questions.
IoT displaces Big Data at the “Peak of Inflated Expectations.” Source: Gartner.
As illustrated above and as late as 2016, Gartner’s Hype Cycle predicts that IoT will next enter the “Trough of Disillusionment.” This period represents a phase of a technology’s lifecycle where it starts to fall short of consumer expectations. That is to say, the technology is not all it’s cracked up to be (e.g., do I really need a Twitter client on my refrigerator?).
Following this is the “Slope of Enlightenment,” where real value is extracted from the deep understanding of the potentials—and risks—of the technology. This also involves fixing major bugs and resolving key security issues.
Finally, the “Plateau of Productivity” sees the technology maturing towards a more leveled adoption path as consumer expectations are realigned with lessons learned from the previous stages.
A Potential Trough of No Return
So how deep will the IoT “Trough of Disillusionment” be? While Gartner’s observed patterns of technology adoption may indeed apply to IoT as well, it’s not clear how deep of a trough or long of a slope must be traversed before reaching productivity. In a not-so-distant future of ubiquitous IoT devices—self-driving cars, autonomous appliances, connected homes and offices—vulnerabilities and failures will have far more devastating ramifications than today’s data breaches in the cloud. Lessons learned from cloud computing (which, incidentally—is currently in the “Trough”) and the current dire state of cloud security underscores the importance of establishing security, manageability, and standards at the onset of technological innovation.
Of course, standards and protocols take time to develop and gain industry consensus. That said, security and manageability can and should be established as early as possible when adopting IoT. Vendors, enterprise adopters, and consumers must take the initiative in establishing effective IoT device management and security measures on their own—even as industry-wide standards and IoT security guidelines/best practices are only starting to coalesce.
IoT and UpGuard
The key precursor to establishing effective IoT device management and security measures is visibility. Knowing how your devices are configured, validating that they are indeed functioning as expected, and identifying critical vulnerabilities and applicable patches are just some of the higher level concerns that can be addressed with UpGuard. Our platform brings crucial discovery/visibility (what’s going on with my fleet of 10,000 M2M devices, what needs to be patched) and accountability (what needs to be serviced, and by who) to your environment, and can scan all node types and devices: servers, network devices, web apps, and yes—IoT devices.
All the information needed to perform a CSR assessment is bundled into the UpGuard platform. Learn more about CSR.
The UpGuard Website Risk Grader provides a low friction way to get an initial assessment of a business' risk profile.
And as we enter 2016, the risk of data breaches in particular threatens to hamper business innovation.