When discussions about the potential impact of IoT technology turn to the vital matter of security, they tend to focus on the negative consequences. This isn’t wholly unreasonable, in fairness — the prospect of massively ramping-up the collection and sharing of data through the networking of countless new devices should set some alarm bells ringing.
After all, every new connection introduces another point of vulnerability, and it only takes one weak link to compromise an entire chain. Can we really rely on such a system to protect our data, much of which we may need to stay private? The worry gets so intense (disproportionately so, even) that people get stuck on the prospect of disaster.
In doing so, they look past a couple of significant truths. Firstly, the IoT will only enter the mainstream once all the architectural boxes have been ticked and there’s sufficient reason to trust in the strength of its internal security. Secondly, it will also provide many security benefits. Why focus on the risks and forget about the remarkable rewards?
In this piece, then, we’re going to look at how businesses can already use IoT technology to improve their operational security. Let’s get to it:
I touched upon the significance of points of vulnerability when it comes to the IoT, but that also applies to many business operations. Think of a haulage company, for instance, as there are numerous steps to the process of moving items from one place to another: get a location for the pickup, confirm the time, allocate the vehicle and driver, collect the items, store them correctly, transport them along the most logical route, reach the dropoff point, and unload them safely.
Every point in that process can be attacked in some way, and when the items being transported are high-value, there’s sufficient incentive to motivate criminals. The pickup location could be spoofed to ship fraudulent items. The driver’s name could be spoofed to get someone in a position to collect the items and take them elsewhere to be sold.
Because of this, being able to accurately track the process is extremely important — the recipient of the delivery will want to confirm that their items are legitimate and were handled correctly. The IoT can achieve this through tech-supported verification stages (more on the details later), using blockchain storage to protect the data from hackers.
Outside of products, you can also use IoT tech to track employees. This can easily go too far (workers deserve basic privacy), but consider a company of plumbers that invests in training apprentices. When it sends out freshly-trained employees on their own jobs, it can link some of their tools to the IoT to monitor their location and activity — that way, it can see which workers are actually doing their jobs, and which are skipping out.
The aforementioned kind of rich tracking wouldn’t be possible without robust authentication processes — you need someone to sign off on every step, for a start. This is where rich multi-factor authentication (using multiple stages of identity verification) enters the equation. The most common form at the moment is two-factor authentication — used for Strong Customer Authentication (SCA) in ecommerce — but the number can go as high as you need.
It used to be relatively difficult to implement biometrics, for instance, but that’s changed. Today, many smartphones and laptops come equipped with excellent fingerprint scanners and cameras capable of impressive facial recognition (that the Windows Hello standard, for instance). Use these verification methods in combination, and you can achieve incredible security without requiring the use of cumbersome ID cards that can be lost or stolen.
This also deals with the lag inherent to traditional authentication methods, because everything in MFA can be readily enabled or disabled from afar. The moment an employee quits, you can disable their access to business systems — you don’t first need to change their password, delete their account, or request their office key back. This is much more secure.
Indeed, the use of IoT for security ties in nicely with the use of cloud networking systems. You have can have a central control dashboard into which everything integrates (all the users, all the programs, and all the devices), allowing you to see how things are going and make the necessary changes at a moment’s notice.
On the topic of seeing how things are going, there’s often a pressing need for a business to know what’s happening at its physical premises. Despite efforts to move towards paperless operation, people still leave passwords on post-it notes, so there’s danger inherent in someone breaking into a company’s office.
There’s also the matter of monitoring employees that I mentioned earlier: you might know that someone is in the office (or at the site), but how do you know that they’re being productive? Not every task can easily be gauged through an online tracker. Construction, for instance. Sure, you can ask their colleagues about an employee’s output — but it’s easier to simply monitor the site using video recordings and determine it for yourself.
IoT monitoring devices can be as varied as you like, producing audio, video, or stills and using whichever filters or views you prefer (thermal imaging, for instance). It’s actually fairly simple to build a live IoT camera, but there are plenty of companies out there dedicated to making sophisticated monitoring devices, so it’s likely easier to consult one or more of them.
This list isn’t exhaustive, but it does set out the most prominent ways in which businesses can use the power of IoT connectivity to enhance their operational security. Authentication, in particular, is profoundly important — the faster you move away from physical keys and embrace MFA, the more secure your business will be.
Kayleigh Alexandra is a writer for Micro Startups, your online destination for everything startup. She’s passionate about hard-working solopreneurs and SMEs making waves in the business world. Visit the blog for your latest dose of startup and charity insights from top experts around the globe.