The billions of data-collecting devices that form the growing Internet of Things (IoT) can be combined with big data analytics to provide an unprecedented level of information to government agencies. But, they can also pose security risks, both as potential entry points to government networks and to citizens’ private data. Find out how these three technologies—IoT, big data and security—fit together, and what it means to your federal customers.
IoT: billions of connected devices
The Internet of Things (IoT) is a growing mass of connected devices from cars to smartphones to wireless wearable products. Depending on who you listen to, IoT will reach either 26 billion or over 200 billion devices by 2020. Market size estimates convey a similar range, with experts predicting IoT will become a $1.9 trillion (Gartner), $7.1 trillion (IDC) or $19 trillion (Cisco) market by 2020. While the numbers vary, what’s clear is the exploding reach of IoT.
Big data: massive information received
For federal agencies, the upside of IoT is the ability to collect millions of data points that can be used to solve real challenges, like predicting weather, protecting our borders, tracking federal assets and boosting government efficiency. Agencies can use big data, machine learning and predictive analytics to mine the IoT data for actionable information that can forecast storms, monitor federal buildings, manage power grids, predict public health trends, improve logistics for military assets and much more.
Security: a growing set of risks
The problem is that all of these connected IoT devices feed data into the internet. If unprotected, hackers could infiltrate the network and either steal data, or if sophisticated enough, take control of the devices or even the network itself. At the federal level, that can put real lives at stake.
Case in point: One recent news report highlighted the danger of what can go wrong, when a fitness tracking app posted their “global heatmap” and accidentally revealed secret U.S. military bases and CIA “black” sites around the world.
“The biggest risk of IoT devices is that, intrinsically, they’re poorly secured—and there are no security protocols that can be uniformly applied across all types of IoT devices,” said Tom Norman, technology consultant II (global security consultant) for Ingram Micro. “As they proliferate into ever-larger numbers of devices on systems, this becomes a bigger and bigger challenge. The risk of real physical harm, including the potential of fatalities in large numbers, is a real possibility with IoT devices as they exist on networks today.”
What can be done?
Several Ingram Micro experts offer their advice to resellers supporting federal agencies:
- Set strict controls: To limit security risk, IoT devices must be segregated and isolated within the network to only communicate with authorized devices and banned from communicating with anything other than a specific TCP/IP address or specific port on the network. [Note: Ingram Micro will soon release a sample IoT security policy, providing universal suggestions for networks of any size.]
- Partner carefully: On the IoT device level, work with reputable vendors that have placed stringent R&D efforts into securing their devices.
- Take a holistic approach: Security is needed at the device level (where info is collected), the network level (how the info is sent) and also the cloud level (where the info is stored).
- Have a holistic disaster recovery plan. If security is breached, make sure federal customers have a backup plan for their data and their physical assets.
- Ease customers’ fears: Encourage your federal customers to not be afraid of the technology, but to explore it, thoroughly test it and get engaged early so they can develop best practices.
- Get educated on blockchain (and how it can help secure data and limit exposure): Watch for innovative companies getting into blockchain, and be prepared to jump into the right solution when it presents.
For more information on IoT devices, big data and security measures, contact the Ingram Micro Partner Technical Enablement team.