Menu

IoT FEATURE NEWS

IoT and the New Security Model

By Special Guest
Chris Crosby, founder and CEO, Compass Datacenters
February 14, 2017

By any measure, IoT represents an evolutionary leap in the collection, processing, and actionability of data. A recent study by Business Insider predicted a 41 percent CAGR for new IoT installed devices over the next four years. Gartner estimated that this rate of growth will culminate in 24 billion IoT connected devices by 2020. These projections would seem to be supported by the results of a survey of 5,000 businesses worldwide included in an AT&T Cyber Security Insights Report. Over 85 percent of responding companies said that they were implementing or planning to implement IoT solutions.

Implementing IoT: A Security Disjoint
The nature of IoT operations increases the potential points of network vulnerability. For many companies, the enthusiasm for the benefits that IoT can provide may outstrip prudent planning. For example, the AT&T Cyber Security Report cited earlier found that although 85 percent of companies that it surveyed were moving “full steam ahead” on their IoT efforts, only 10 percent said they felt confident that they could secure their networks against hacking. In some circles, this is known as a “leap of faith.”

The Current State of Security
As you would expect, the security structures that protect today’s data center-based networks vary widely depending on the perceived needs of the organization. Firewalls and VPN may be more than sufficient for some, while others incorporate both internal and externally provided functionality to ward off potential intruders. In the majority of instances, the security structure used is a function of the sensitivity of information, the availability of resources, both financial and human, and the applications that are supported. Increasingly, the data processing demands of applications such as small packet, high volume IoT and large rich packet applications (video) are expanding network scope and pushing processing and access points ever closer to customers (and further away from more traditional centralized security implementations). Thus, the risks associated with performance and the proliferation of potential points of access malicious intruders increase accordingly. As a result, security requirements must become more sophisticated to address a much broader spectrum of unauthorized seekers of access and using an ever-changing array of intrusion and/or interruptive methodologies.  The dynamic nature of these potential network threats will increasingly demonstrate the difficulty of many existing IT departments to keep pace. The need for specialized tools, techniques, processing capacity, bandwidth/throughput, certifications, Increases exponentially and is completely dynamic in the latest trends and techniques in the black art of hacking. A more effective solution and its implementation will most likely be via a third party rather that attempting to build and internal team of security specialists. In essence, an outsourced security service delivered via the cloud/SaaS model.

The New Outsourcing Model
Whereas outsourcing of security has previously been characterized by a conglomeration of vendor provided services and equipment procured as part of one or more annualized contracts, this structure is unsustainable moving forward. The rapidity of both the availability of new applications and the methods used to exploit them make “nimbleness” the underlying foundation for the new outsourcing model. Delivered via cloud/Security as a Service methodologies offered by providers such as StackPath, customers will no longer “bolt on” security capabilities on an ad hoc basis to their networks, but rather, integrate the necessary components into their operations on an “at will” basis. Under this new structure, new capabilities are easily added, as they are developed by the provider, to enable users to inoculate themselves from new threats as they arise. End users will also gain a level of flexibility that is impossible under the current security paradigm as the lack of long-term agreements will enable them to move between providers as necessary, in response to the movement of key provider personnel, for example.

Summary
The speed and complexity of data center-based applications is a double-edged sword in that a wealth of new opportunities also presents a number of enticing targets for hacking and malicious service disrupting attacks. For many enterprises, the emergence of additional security risks outstrips the expertise of their personnel, and the number of trained professionals in these areas is currently dwarfed by demand. As a result of this disparity between supply and demand, enterprises will increasingly require firms to outsource all, or portions, of their security operations to fill this void. "Cloud/Security as a Service" offerings will offer them the nimbleness and flexibility required to operate in increasingly demanding environments where innovation will often be married to enhanced threat potential.

About the Author: Chris Crosby is the founder and CEO of Compass Datacenters and a former senior executive and co-founder of Digital Realty Trust. He is one of the most respected voices in the data center industry, with more than 20 years of technology experience and more than 15 years of real estate and investment experience. His prior roles included work for Proferian (an operating partner for the GI Partners portfolio), CRG West (now Coresite) and Nortel Networks.




Edited by Ken Briodagh


SHARE THIS ARTICLE
Related Articles

IoT Time Preview: Agriculture Chapter

By: Ken Briodagh    3/30/2017

In this weekly series, we'll be previewing chapters for you to read in the hopes that you'll like it enough to read "IoT Time: Evolving Trends in the …

Read More

Bain & Co Announce New IoT Study, US Still Behind Europe

By: Ken Briodagh    3/29/2017

Bain & Co's tech practice is announcing a new study on the Internet of Things, according to a recently released .pdf of the report on the results. The…

Read More

Litmus Automation Expands in Japan with Smart Transportation and Manufacturing IoT Platform

By: Ken Briodagh    3/29/2017

In a recent announcement, Litmus Automation, an Internet of Things (IoT) platform provider, has said it is expanding into Japan with the addition of a…

Read More

Qualcomm Appoints Dr. James H. Thompson as Chief Technology Officer

By: Ken Briodagh    3/29/2017

Qualcomm Incorporated has announced that it has appointed Dr. James H. Thompson, Executive Vice President of Engineering, Qualcomm Technologies, to th…

Read More

Avnet Names Lou Lutostanski as Vice President, Internet of Things

By: Ken Briodagh    3/28/2017

Avnet, a global technology distributor in the IoT, has announced the promotion of Lou Lutostanski to the role of Vice President of Internet of Things …

Read More