IoT and the New Security Model


By any measure, IoT represents an evolutionary leap in the collection, processing, and actionability of data. A recent study by Business Insider predicted a 41 percent CAGR for new IoT installed devices over the next four years. Gartner estimated that this rate of growth will culminate in 24 billion IoT connected devices by 2020. These projections would seem to be supported by the results of a survey of 5,000 businesses worldwide included in an AT&T Cyber Security Insights Report. Over 85 percent of responding companies said that they were implementing or planning to implement IoT solutions.

Implementing IoT: A Security Disjoint
The nature of IoT operations increases the potential points of network vulnerability. For many companies, the enthusiasm for the benefits that IoT can provide may outstrip prudent planning. For example, the AT&T Cyber Security Report cited earlier found that although 85 percent of companies that it surveyed were moving “full steam ahead” on their IoT efforts, only 10 percent said they felt confident that they could secure their networks against hacking. In some circles, this is known as a “leap of faith.”

The Current State of Security
As you would expect, the security structures that protect today’s data center-based networks vary widely depending on the perceived needs of the organization. Firewalls and VPN may be more than sufficient for some, while others incorporate both internal and externally provided functionality to ward off potential intruders. In the majority of instances, the security structure used is a function of the sensitivity of information, the availability of resources, both financial and human, and the applications that are supported. Increasingly, the data processing demands of applications such as small packet, high volume IoT and large rich packet applications (video) are expanding network scope and pushing processing and access points ever closer to customers (and further away from more traditional centralized security implementations). Thus, the risks associated with performance and the proliferation of potential points of access malicious intruders increase accordingly. As a result, security requirements must become more sophisticated to address a much broader spectrum of unauthorized seekers of access and using an ever-changing array of intrusion and/or interruptive methodologies.  The dynamic nature of these potential network threats will increasingly demonstrate the difficulty of many existing IT departments to keep pace. The need for specialized tools, techniques, processing capacity, bandwidth/throughput, certifications, Increases exponentially and is completely dynamic in the latest trends and techniques in the black art of hacking. A more effective solution and its implementation will most likely be via a third party rather that attempting to build and internal team of security specialists. In essence, an outsourced security service delivered via the cloud/SaaS model.

The New Outsourcing Model
Whereas outsourcing of security has previously been characterized by a conglomeration of vendor provided services and equipment procured as part of one or more annualized contracts, this structure is unsustainable moving forward. The rapidity of both the availability of new applications and the methods used to exploit them make “nimbleness” the underlying foundation for the new outsourcing model. Delivered via cloud/Security as a Service methodologies offered by providers such as StackPath, customers will no longer “bolt on” security capabilities on an ad hoc basis to their networks, but rather, integrate the necessary components into their operations on an “at will” basis. Under this new structure, new capabilities are easily added, as they are developed by the provider, to enable users to inoculate themselves from new threats as they arise. End users will also gain a level of flexibility that is impossible under the current security paradigm as the lack of long-term agreements will enable them to move between providers as necessary, in response to the movement of key provider personnel, for example.

The speed and complexity of data center-based applications is a double-edged sword in that a wealth of new opportunities also presents a number of enticing targets for hacking and malicious service disrupting attacks. For many enterprises, the emergence of additional security risks outstrips the expertise of their personnel, and the number of trained professionals in these areas is currently dwarfed by demand. As a result of this disparity between supply and demand, enterprises will increasingly require firms to outsource all, or portions, of their security operations to fill this void. "Cloud/Security as a Service" offerings will offer them the nimbleness and flexibility required to operate in increasingly demanding environments where innovation will often be married to enhanced threat potential.

About the Author: Chris Crosby is the founder and CEO of Compass Datacenters and a former senior executive and co-founder of Digital Realty Trust. He is one of the most respected voices in the data center industry, with more than 20 years of technology experience and more than 15 years of real estate and investment experience. His prior roles included work for Proferian (an operating partner for the GI Partners portfolio), CRG West (now Coresite) and Nortel Networks.

Edited by Ken Briodagh

Related Articles

FairCom Joins IoT Evolution Expo 2022 as a Platinum Sponsor

By: TMCnet News    12/7/2021

TMC and Crossfire Media today announced FairCom has signed on as a Platinum sponsor for IoT Evolution Conference and Expo which is held February 8-11,…

Read More

IoT Security: Still a Problem

By: Gary Audin    11/30/2021

Poor IoT device security stems results from manufacturers' goal to keep price points low. Security is considered an unnecessary overhead. The limited …

Read More

BrainChip Announces Partnership With MegaChips

By: Luke Bellos    11/26/2021

BrainChip Holdings and MegaChips announced a new business partnership, allowing MegaChips developers to utilize the Akida processing platform to devel…

Read More

Pandemic Puts Industry 4.0 in Perspective

By: Maurice Nagle    11/22/2021

Industry 4.0 is no longer a point on a compass, or a catchy buzzword, analysts inflate. It is taking flight on wireless technology. Richardson RFPD, A…

Read More

Twinning and Winning: Two Experts Duke Out the Definitions and Potential of Digital Twin Technology

By: Matthew Vulpis    11/19/2021

Last week, two top experts in the field virtually came face-to-face in the "Digital Twin SMACKDOWN" in the first episode of ZEDEDA's Transform Digest …

Read More