IoT and the New Security Model

By Special Guest
Chris Crosby, founder and CEO, Compass Datacenters
February 14, 2017

By any measure, IoT represents an evolutionary leap in the collection, processing, and actionability of data. A recent study by Business Insider predicted a 41 percent CAGR for new IoT installed devices over the next four years. Gartner estimated that this rate of growth will culminate in 24 billion IoT connected devices by 2020. These projections would seem to be supported by the results of a survey of 5,000 businesses worldwide included in an AT&T Cyber Security Insights Report. Over 85 percent of responding companies said that they were implementing or planning to implement IoT solutions.

Implementing IoT: A Security Disjoint
The nature of IoT operations increases the potential points of network vulnerability. For many companies, the enthusiasm for the benefits that IoT can provide may outstrip prudent planning. For example, the AT&T Cyber Security Report cited earlier found that although 85 percent of companies that it surveyed were moving “full steam ahead” on their IoT efforts, only 10 percent said they felt confident that they could secure their networks against hacking. In some circles, this is known as a “leap of faith.”

The Current State of Security
As you would expect, the security structures that protect today’s data center-based networks vary widely depending on the perceived needs of the organization. Firewalls and VPN may be more than sufficient for some, while others incorporate both internal and externally provided functionality to ward off potential intruders. In the majority of instances, the security structure used is a function of the sensitivity of information, the availability of resources, both financial and human, and the applications that are supported. Increasingly, the data processing demands of applications such as small packet, high volume IoT and large rich packet applications (video) are expanding network scope and pushing processing and access points ever closer to customers (and further away from more traditional centralized security implementations). Thus, the risks associated with performance and the proliferation of potential points of access malicious intruders increase accordingly. As a result, security requirements must become more sophisticated to address a much broader spectrum of unauthorized seekers of access and using an ever-changing array of intrusion and/or interruptive methodologies.  The dynamic nature of these potential network threats will increasingly demonstrate the difficulty of many existing IT departments to keep pace. The need for specialized tools, techniques, processing capacity, bandwidth/throughput, certifications, Increases exponentially and is completely dynamic in the latest trends and techniques in the black art of hacking. A more effective solution and its implementation will most likely be via a third party rather that attempting to build and internal team of security specialists. In essence, an outsourced security service delivered via the cloud/SaaS model.

The New Outsourcing Model
Whereas outsourcing of security has previously been characterized by a conglomeration of vendor provided services and equipment procured as part of one or more annualized contracts, this structure is unsustainable moving forward. The rapidity of both the availability of new applications and the methods used to exploit them make “nimbleness” the underlying foundation for the new outsourcing model. Delivered via cloud/Security as a Service methodologies offered by providers such as StackPath, customers will no longer “bolt on” security capabilities on an ad hoc basis to their networks, but rather, integrate the necessary components into their operations on an “at will” basis. Under this new structure, new capabilities are easily added, as they are developed by the provider, to enable users to inoculate themselves from new threats as they arise. End users will also gain a level of flexibility that is impossible under the current security paradigm as the lack of long-term agreements will enable them to move between providers as necessary, in response to the movement of key provider personnel, for example.

The speed and complexity of data center-based applications is a double-edged sword in that a wealth of new opportunities also presents a number of enticing targets for hacking and malicious service disrupting attacks. For many enterprises, the emergence of additional security risks outstrips the expertise of their personnel, and the number of trained professionals in these areas is currently dwarfed by demand. As a result of this disparity between supply and demand, enterprises will increasingly require firms to outsource all, or portions, of their security operations to fill this void. "Cloud/Security as a Service" offerings will offer them the nimbleness and flexibility required to operate in increasingly demanding environments where innovation will often be married to enhanced threat potential.

About the Author: Chris Crosby is the founder and CEO of Compass Datacenters and a former senior executive and co-founder of Digital Realty Trust. He is one of the most respected voices in the data center industry, with more than 20 years of technology experience and more than 15 years of real estate and investment experience. His prior roles included work for Proferian (an operating partner for the GI Partners portfolio), CRG West (now Coresite) and Nortel Networks.

Edited by Ken Briodagh

Related Articles

IoT Zombie Apocalypse and Post-Quantum Crypto: A Q&A with Infineon's Steve Hanna

By: Paula Bernier    2/23/2018

Steve Hanna has seen it all. But one thing Infineon's senior principal has not seen - and doesn't want to see - is the IoT zombie apocalypse.

Read More

Sustainable Smart Cities and How Natalia Olson-Urtecho Leads with Passion

By: Cynthia S. Artin    2/23/2018

Natalia Olson-­Urtecho is a city planner by education, a technologist by life­long learning, and a visionary strategist in the brave new world of conn…

Read More

IoT Accelerators on the Rise

By: Ken Briodagh    2/22/2018

Everyone in the IoT is looking for the best way to grow the industry, while also finding partners that will help their own companies grow. At the mome…

Read More

IoT for The Aging: You're Never Too Old To Innovate

By: Special Guest    2/22/2018

In the digital era of smarter cities and smarter homes, one of the biggest potential markets for IoT solutions is enabling aging people to remain inde…

Read More

Haltian Delivers Devices and Data to Lindstrom Textile Company

By: Ken Briodagh    2/22/2018

Finnish Internet of Things (IoT) device manufacturer Haltian reportedly is supplying Lindström with more than 100,000 IoT devices and a managed IoT da…

Read More