Influence of Internet of Things (IoT) infrastructure on Zero Outage
The Internet of Things is a growing market, one that is currently enjoying millions of new IT endpoints being established. By 2025 there will be approximately 75 Billion IoT devices – meaning they will form the largest IT infrastructure in existence. There is a need for security to simultaneously match this growth-rate of IoT technology. One of the most important aspects to this is the availability of backend infrastructure which these devices connect to. The data center is seen as THE integration point, as it stores, manages and processes the data sent/received by the IoT devices. One key question remains: how are both data centers and the Zero Outage goal being influenced by IoT infrastructure?
Let’s begin by examining the impact from alternative perspectives:
How can the data center cope with an ever-growing volume of “things”?
There is an ever-increasing number of “things” being connected to backend systems. Which is providing the backend with further work and exponentially more data to interpret, check, secure, store, watch, patch etc. Apart from quantity issues, there are also new quality aspects to be considered. Huge areas of IoT infrastructure will have restricted control that is less in line with classic data center components. In some cases it may mean that even compromised devices will be incorporated into the IoT infrastructure – Forrester claims this is the Zero Trust Model. From a Zero Outage security perspective, the approach must include factoring-in the areas of process, platform, people and architecture – whether to extend existing services or to create new ones.
How can we trust these connected devices?
Unfortunately, there is no generic answer to this question. The level of trust in IoT depends on several factors, such as device functionality and operational model, the service itself that IoT devices are integrated into, a rising risk in cyber-threats etc. According to security expert and Harvard Law School fellow, Bruce Schneier – IoT security, in general, is not in good shape, ‘secure by design’ still not a guiding principle. “Within the upcoming years I’d expect [a] higher focus on securing IoT infrastructure, but untrusted or captured ones will be built up and remain too.” The question of how to regain trust has not adequately been answered yet.
What is the threat from a Zero Outage perspective?
The first recommendation is to secure the backend system being directly attacked via IoT infrastructure. The second is far more difficult to judge. Looking at IoT use cases within different industries there is often one trend that they have in common: information gathered from IoT devices is often used within automated services – such as requesting maintenance or managing production. Unless foreseen, an injection of false information easily has the potential to harm operations – with the possibility of this leading to severe incidents. Intensive usage of the internet makes data center operations far more prone to denial of service attacks too.
What might be the impact if IoT infrastructure (including backend) fails?
- Any hacked IoT infrastructure could impact user safety or enterprise reputation. In some industries, the IoT environment is considered to be its critical infrastructure. Regulation has the power to strongly influence infrastructure operations and therefore needs to be applied to all related services. In my opinion, IoT infrastructure will become more regulated as cyber threats continue to increase in the future.
- As far as IoT services are concerned, the focus will need to be extended to include data centers which are partially responsible for their management and operation.
The information contained in this document is contributed and shared as thought leadership in order to evolve the Zero Outage Best Practices. It represents the personal view of the author and not the view of the Zero Outage Industry Standard Association.