Welcome to the Internet of Things (IoT), where everything from individual valves to entire factories and supply chains share data with each other and their operators. The benefits include streamlined logistics, more efficient factories, and happier managers and consumers alike.
It’s clear that Canadian businesses are quickly recognizing IoT’s value. IoT revenue will be worth as much as $8.4 billion CAD in 2016, with some of the fastest-growing industry sectors including manufacturing, healthcare, transportation, and consumer, according to IDC Canada.
However, while the Internet of Things promises many rewards, it also brings a host of security risks as an ever-increasing flood of potentially sensitive data makes its way into the cloud. What’s to be done about it? Experts say the solution is twofold: data encryption, and servers with built-in security features.
Securing a server’s firmware should receive special emphasis, say experts at Hewlett Packard Enterprise. “Because all of the press has been about attacks on the software side historically, the Compute side has been more vulnerable because you didn’t have as much emphasis there,” explains HPE server firmware manager and engineer Kevin Depew. In other words, with most of the world’s attention on high-profile software and data hacks, the potential exists for hackers to slip unnoticed into the firmware in servers that run software containing sensitive information.
The Internet of Things Revolution
Never before has information technology—defined by applications, databases, and server infrastructure—been able to blend so thoroughly with operations technology —the realm of machines like factory robots and environmental control systems. Connected machines and systems of machines provide a steady stream of operational data, enabling sophisticated algorithms, powerful analytics, and predictive reports that increasingly inform business processes and decision making, not just operations.
It’s all made possible by the Internet of Things, or IoT. And the trend is only going to grow. According to IDC Canada, 2016 is slated as being the Year of the Developer, with more than 250,000 unique IoT applications set to be created around the world over the next five years. Given that Canada has a strong pool of engineering talent, it is clear IoT will be at the top of the country’s innovation agenda.
New Benefits, New Risks
But the security risks that come with connecting operations to the IoT are also very real, as more and more potentially sensitive data goes online. Fortunately, robust tools for ensuring data security are already available—it’s just a matter of using them properly.
Protecting data means keeping unauthorized users out of the data stream. And that means it must be encrypted to all but authorized users. Data streaming from machines should be encrypted before it is sent, from the machines themselves to local control systems, and from there to remote servers. Fortunately, most such systems already have secure communications protocols in place for securing data in transit.
But it’s only when data reaches those outside servers that the magic of the IoT can go to work. And that can only happen if the data remains secure once it reaches the servers. There, it is potentially more vulnerable than in transit, experts say. That means a key component for data security at that point are servers that include built-in protections for keeping data safe.
Hewlett Packard Enterprise (HPE) takes security at the firmware level very seriously, says Depew. All firmware code goes through a rigorous testing process that includes attempted break-ins to try to discover unknown vulnerabilities. Also, says Depew, “We build security in to prevent modification by any malicious party.”
For that matter, HPE servers also include built-in encryption. This protects data even if the server itself is physically stolen, let alone hacked into remotely. “It’s called encryption for data-at-rest,” says Depew. “If you steal the whole server, the keys aren’t stored on the server, so you can’t access that data.” Since the encryption keys are stored and managed externally to the server, the data is still secure, even in the wrong hands.
All of which means that as long as security is handled properly at the hardware and software level, IoT’s reach—and the benefits it brings to the industrial world—will continue to expand.
Charlie Atkinson is Vice President Enterprise Group and Managing Director at Hewlett Packard Enterprise Canada. You can follow Charlie on Twitter @CharlieMeansBiz.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…