How To Succeed In IoT

It seems as if almost every article about IoT these days describes how insecure companies feel about connected devices.  Just today, yet another article was published that focused on governments’ insecurity.

For IoT providers, there has never been such an amazing time to truly differentiate IoT products, migrate product offerings into long-running, highly-profitable services and bridge the chasm from IoT potential into mainstream enterprise IT operations.

Future-Proofing Is The Key

Once upon a time, it was sufficient to layer in some nonsensical static security measure – SSL/TLS, PKI, etc… – and call a connected device “safe”.  As continuous hacks have educated businesses, potential enterprise customers now realize that anything static will simply fail at some point down the road.  With the scale and complexity of larger scale IoT systems, companies are figuring out that these systems can not be easily updated, fixed or really managed.  These past disasters are forcing customers to look for better alternatives.

Future-proofing will soon become the highest priority for the IoT in terms of protection.  Devices will need to demonstrate an ability to overcome hacks, change security and adapt without manual, device-by-device, intervention.

That ability is an amazing opportunity for device manufacturers that are interested but, more so, for device integrators.  The ability to adapt over time requires proactive monitoring and updates and those features, in turn, require services.  Specifically, SaaS models that centralize security across customers while still maintaining customer privacy.

And yes, it does exist.

Bridging The Gap

Security aside, the single biggest reason enterprise IT has not embraced the IoT to a larger degree is the lack of centralized administration.  These groups require familiar tools that remove the complexity of the vendor-specific technologies and enable largescale control.  Administrators already have powerful tools for traditional enterprise spaces and the thought of adding massive new systems without these management capabilities is nonsensical at best.

Fortunately, the exact same system for security services, if properly built, can be leveraged for centralized administration.  Both systems need a blockchain-secure means of sending updates.  Both require feedback from devices, indirect administrative control and the ability to manage devices without unwanted operational interference.

The Final Step

The last step in this process is for device manufacturers and integrators to accomplish these centralized services without interference to their current IoT efforts.  It is not sufficient to force applications to be re-coded, hardware to be added or any other major impacts to the target IoT functionality.  As such a secure management capability has to occur invisibly to the operational layer of these devices and it needs to run over pre-existing connections and network configurations.

Any such solution requires an easy integration option which requires zero expertise from IoT developers that most likely have no cybersecurity knowledge.  By providing an insulated deployment, this type of service can readily work across vendors without a) compromising a vendor’s offering and b) requiring an endless number of one-off integrations.  For device integrators, this is the ultimate solution.

For device manufacturers, the ability to provide future-proof IoT devices, upon which any IoT software can be added, is a significant differentiator that addresses security requirements without necessarily locking the manufacturer into a security provider role.  In fact, any properly-configured secure management service would be activated by enterprise customers and supported by higher-level integrators or global security service providers.

Cybersecurity and centralized administration are major issues in the connected device world and represent a massive opportunity for the first providers of future-proofed devices.