Throughout the 90s and early-2000s, the idea of embedded technologies – think “motion sensors” — led many large and small organizations to sink untold dollars into smart building initiatives that often required expensive retrofits to accommodate vast cables and multiple power supplies. Now, however, these same organizations are told they need to adopt the new latest, greatest technology: The Internet of Things (IoT). They are understandably skeptical.
It is true that IoT offers some advantages over older smart building technologies. For example, today’s IoT devices typically use long-life battery power and are much smaller and less intrusive. What’s more, these devices are often “smarter,” offering significantly more data than traditional smart systems. Finally, data and analytics are stored in the cloud, rather than in on-site servers.
In short, IoT has become, in essence, the new “bright, shiny object” that everyone is told to want. But is it truly what everybody needs?
Before organizations invest heavily in IoT, they should first ensure that they are fully realizing the capabilities of their existing technologies, smart or not. Only then should they invest in IoT where there may be data gaps. For example, rather than investing in new CO2 sensors, it is likely possible to get that same information from the installed HVAC system. These systems already measure CO2 and respond accordingly. New technologies can now collect analytics that were not part of older systems’ original design. Plus, these new analytics can increasingly incorporate artificial intelligence, alerts, and reporting.
More importantly, many of the IoT devices on the market today come with significant security and privacy risks. According to a 2015 study by Hewlett Packard Enterprise Security Research, 70% of these new devices use unencrypted network service. This enables an attacker to identify and infiltrate valid user accounts through account enumeration, leading to an alarming number of vulnerabilities per device.
So before investing widely in IoT, organizations should first realize the full potential of existing technologies. Then proceed with caution in adopting any IoT device so that security and privacy concerns are met.