The Internet of Things and Security -
a contradiction in terms and what to do about it
The Internet of Things (IoT) is one of the keywords that should not be missing in any conversation when it comes to upcoming projects in the coming months. But does it make sense and is it even necessary to deal with it? Isn't it just a trend that nobody cares about in a few months time and which will be laughed at this time next year?
More than just a new buzz word
Because like every new buzz word in the technology industry, IoT is also true at first glance:
- If you talk to five people about it, you get ten definitions of the term
- Everyone is aware that "you have to plan something in that direction" but (almost) nobody has concrete ideas
- Reference projects are usually far away, both geographically and thematically
- You can be sure that it will certainly not affect your own company.
- Or one is aware that it will have a major impact on the industry, but how to deal with this fact is more than unclear.
- But everybody knows a company that already deals with this and that is supposed to be pretty great. So I hear. So they say.
Nevertheless, one should not dismiss the topic as a fad about which one will shake one's head with a smile in a few years. The increasing intelligent networking of devices and machines via the Internet certainly provides many opportunities to open up new business areas, to optimize existing ones or "only" a better way to transform routine processes from tiresome tasks to meaningful measures by means of automation.
Then why bother with security at all?
On the other hand, the fact that almost all current devices that are suitable for communication via IP do so, brings a much higher complexity for IT managers. We have also taken this aspect into account in our IDC Workshop closer inspection.
And of course, you shouldn't kill new opportunities just by talking about potential disadvantages. Nevertheless, there are some security aspects that should at least not be completely ignored when planning revolutionary ideas. Especially since most of these devices collect data, which almost always has a personal reference, thinking about such auxiliary conditions is a must, at the latest by May 25, 2018 and thus the end of the transition period of the new DSGVO.
Some of these topics will be discussed in more detail in the next few articles, although we make no claim to completeness.