wireless remote site security

Making the Choice between the Internet of Things (IoT) or using a Private Network

17/04/2016

Has the use of the Word “Internet” in Internet of Things (IoT) been a shot in the foot that has stifled its adoption?

With Governments globally struggling to encourage business to embrace the IoT has anybody taken time to think that the name is part of the problem?

Our experience is that Cyber Security is the biggest threat to both the IoT and similarly cellular GPRS type monitoring, as they both depend highly upon the internet. Factually, not a day passes without millions if not billions of attempts to hack, infiltrate and deny service taking place. The problem is the source of the attacks is global, not just driven by humans behind keyboards but potentially emanating from millions of machines “robots” connected to the internet.

Apparently the number of reported cases that hit the media is tiny as the problem is like a rapidly growing iceberg that causes embarrassment and loss of business confidence so it is hidden. Similarly there are countless cases of blackmail that take place on the “dark side” of the internet, again further undermining confidence.

So is the IoT a lost cause? Certainly for mission critical applications as we are already receiving tenders that specifically preclude the use of any technology that connects to the Internet, the IoT, WiFi or the use of the public cellular networks in particular GPRS and 4G as all rely on the internet at some point for connectivity.

Our message is simple if the data is valuable to your business then think hard. If your data getting into third party hands has dire consequences then think harder still. Think even harder if there is a control function where a cyber attacker would delight in turning off the lights or opening the flood gates! Finally, if time is of the essence and loss of service can lead to damage then the IoT is not for you.

However, if your application is not time critical, the data is of little commercial value, there is no control function involved and the leakage or manipulation of your data has no consequence then the IoT may be the ideal route for you and your business! Further there are ways to de-value data. Data such as meter reading has value in its time of read for example as it provides a signature of if somebody is at home or not. Why not introduce a random delay in the data at source, then it has lost its value to the thief.

Some Suggested Private Network Applications

  • Meter Reading and AMR as customer data leakage can lead to security breaches as it contains data about who is in and out and can encourage burglary and causes breaches in privacy.
  • Sewer and CSO Monitoring: Loss of data or message or data delays can lead to spills not being mitigated
  • Real-Time Control: An obvious candidate as IoT could be blocked or hacked without warning
  • Asset Security &  Monitoring: Where the value of the asset is high or the consequence of loss or failure is dire
  • Railways: Virtually all applications should be kept clear of the IoT
  • Airports: Even building management should be kept clear of the IoT and the use of WiFi or cellular is a definite NO as in the event of an incident these services will be the first to be pulled by counter terror teams.
  • Highways: Again look at the criticality of the data – if not critical and has no impact on life or the environment then the IoT may be fine.

Notes to Editors

The opinions expressed above are based upon a combination of both life experiences and hearsay gathered from decades of working in the remote monitoring, AMR and control industry across a wide number of sectors. For reasons of security sources or industry sectors are not disclosed.

The authors would be happy to accept equally supporting data or challenges to these observations for inclusion in any sequels to this document.