Fear, uncertainty, and doubt in the Internet of Things

Fear, uncertainty, and doubt in the Internet of Things

Summary: Is it a real thing or paranoia to think that 80 percent of IT administrators fear exposure through mobile devices? It's both a real thing and it requires a healthy dose of paranoia to appropriately fear the coming Internet of Things.

SHARE:

The funniest thing to me about the Internet of Things (IoT) is the fear that's riding the wave just ahead of the IoT storm surge.

I'm not saying that the fear isn't justified but it is misplaced. Are mobile devices vulnerable? Yes. Will the Internet of Things create more security problems for us in the future? Undoubtedly. Will we hide in the corner losing our religion? Not a chance. But is there something more onerous to fear than the perceived threats to our future devices and networks? Yes, there is. I'll let the Gartner prediction speak for itself, so that you don't think I'm exaggerating again, which I, of course, never do.

"The growth in IoT will far exceed that of other connected devices. By 2020, the number of smartphones tablets and PCs in use will reach about 7.3 billion units," said Peter Middleton, research director at Gartner. "In contrast, the IoT will have expanded at a much faster rate, resulting in a population of about 26 billion units at that time."

That's 26 with a bunch of zeros after it. That's a lot of devices to be monitored and patched. That's a lot of vulnerability. What happens when we become dependent on those "things" for essential services? There's the realization that just hit you. And you thought managing 800 servers was overload. Welcome to the new age, welcome to the new age, to the new age.... It kind of makes keeping track of office supplies look like child's play doesn't it? 

You know what's more fun than 26 billion connected devices? How many different operating systems and versions of those operating systems do you think that encompasses? Did the blood just drain from your head?

Fortunately, to allay those fears and problems are companies desperately trying to get your attention in the mobile device management (MDM), mobile application management (MAM), and mobile content management (MCM) (herewith referred to as MXM) spaces. In the coming years, MXM will be something you can no longer avoid and I know you've been avoiding it. You're hoping the whole thing will blow over before you buy in.

It's not going to blow over.

But enough of what I say, how about what you say?

In a recent research effort conducted by GFI Software, "Disruption is a significant concern, as 96.5 percent of IT decision makers surveyed said that IoT would produce at least some negative impacts for their organizations, with more than half (55 percent) saying it will impose new security threats while extending existing threats to a greater number of devices. Furthermore, 30 percent said IoT will result in an increased IT spend, while 26.7 percent expected device management to spiral out of control as a result of the rise of IoT. And 14 percent expect that deploying patches across multiple platforms will present a particular challenge."

Wait, did you get that?

26.7 percent expect device management to spiral out of control. Fewer than one-third of the respondents are worried about management spiraling out of control. Interesting? You bet it is. Almost everyone said that IoT would "produce at least some negative impacts for their organizations". Wow, talk about Head-in-the-Sand syndrome.

A healthy amount of fear is a good thing. A little paranoia is a good thing. An unhealthy 26.7 worrying about spiraling management problems is alarming. I worry more about the people who aren't worrying.

And here's the thing that I don't think anyone realizes: No one is going to proactively fix it. Think Y2K here. We knew about the Y2K "bug" for 30 years and people were still scrambling at the last minute (and beyond) to fix that problem. Don't expect "them" to fix it before it happens. IoT is going to creep up on you and before you know it, you'll be out of control — literally.

Need another example?

Heartbleed.

Everyone expects "they" to fix something, but "they" never do until "they" have to.

Want to see more alarming attitudes and results?

Read the GFI press release my Frugal Networker site. When you get to the "Sea Change" part of the post, come back here and continue.

Did you read the part that stated, "...as more than three-quarters (78.6 percent) of IT administrators expect their security practices to change as a result of IoT. Among these changes, nearly one-third (30 percent) expect to have to revise policies about connectivity in the workplace to manage this adaption."?

What do the others think? More than 70 percent of the respondents said something other than that "they expect their policies to change". Who are these people?

It's a real head-shaker, for sure.

My greatest fear is the lack of paranoia. I think we become too complacent on "future" issues. Everyone will "wait and see what happens" before doing anything. I'm going to be subtle here by saying, Y2K and Heartbleed.

Is it really spreading FUD to anticipate security threats and attempt to mitigate them in a proactive way? No, no it isn't. Because you know, if you don't warn everyone to the Nth degree and keep harping on it, that when something bad happens, your brilliant management will address you smugly with, "Why didn't you tell us and keep us informed"?

Yes, I should have done that. Darn it, it just slipped up on me in the past six years since I read that post on ZDNet.

So, what can you do?

Estimate the number of IoT devices you'll consume over the next few years beginning with 2015 and estimating out to 2020 or beyond. Now, double and then triple that number. Estimate what it will take to deal with the threat, the number of devices, user training, and management efforts.

Buy an MXM suite now to help you deal with the growing needs and security threats facing you. 

Shop around for a suite from a company that understands the growing needs that you face and one that can face them with you. Ask questions. Ask potential and down-selected vendors if they have an IoT plan. If not, move on. If so, keep the dialog open.

And if you're asked to participate in a survey that has anything to do with security, be informed. Be proactive. And for goodness sakes, be paranoid. Healthily, of course.

What do you think? Are you worried about the estimated number of "things" to manage in the future? Are you worried about the security risks? Talk back and let me know.

Related stories:

Topics: Security, Hardware, Mobile OS

About

Kenneth 'Ken' Hess is a full-time Windows and Linux system administrator with 20 years of experience with Mac, Linux, UNIX, and Windows systems in large multi-data center environments.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • What? IOT is DOA anyway

    There is no need to have refridgerators, monitors, toasters and everything else on the internet. Your phone, tablet, desktop & laptop. Thats already enough devices. But beyond that, there is no need to have ANYTHING ELSE connected to the internet. Other than in specialized scenarios. People are already unnecessaryily connecting cars to the internet, etc. There is no MXM company that will be able to handle this. its just another useless business for more crap that people shouldn't be doing.
    In the end it just makes those of us who really understand how technology works the real owners of the world. Because we can manipulate everything, and other people won't even have a clue how it works. And this is already scary.
    Jimster480
    • IoT isn't necessarily a consumer issue

      I support industrial automation platforms across the country. The range of connected devices is growing at an explosive rate along with a growing capability to monitor and control equipment 24/7/365 from mobile devices. There is a hierarchy involved. There is a facility, within the facility there are integrated machine platforms utilizing a variety of computers, robotics, PLCs and other controllers. Connecting to those controllers gives access to robot tooling, machine I/O, motor controllers, pneumatics, hydraulics, sensors, safety circuits, and a wealth of data collection and analysis tools. I typically use an iPad with LTE and WiFi as my go to system for remote monitoring and control of multimillion dollar platforms located at multiple locations across the US. I could do it with an iPhone but the screen size is the only limiting factor. The idea that I can carry that level of access around in my pocket still amazes me. I wouldn't be surprised to see the growth estimates for the IoT to be on the low side.
      krossbow
  • I would hesitate on buying anything now

    For one thing, there is going to likely be a radical shift in any technology or reporting features between today's internet connected thingies and tomorrow's internet connected thingies (good technical terms here...).

    Further, why is IOT important to your business? Do you really need to buy a MXM solution that can manage automobiles, refrigerators, mobile phones, and cattle when you're in the septic system industry?

    Let's look at our septic system business. Perhaps they're concerned about their heavy machinery. Well, CAT is already monitoring it - and you won't get access to the data. Well maybe if you ask (*cough cough* pay up *cough cough*) you'll get it - but in general, one of your biggest capital investments won't be something you need to worry about.

    Even if you deployed your own monitoring/internet connected systems in relationship to your work (such as septic field monitoring or something), you'd have to design it from the ground up to be meaningful for your business (or a vendor would have to design it from the ground up to be meaningful for their clients), meaning that it will have some kind of management system already built into it before you deploy it. Since only a very small number of companies are probably going to be deploying different IoT hardware, that means the need for some kind of MXM suite to handle a "wide variety of data" isn't really necessary. And the companies that would need it will do what Walmart did and build it internally.
    jsreilly
    • I don't know anything about

      Septic field monitoring but in my experience companies are utilizing existing equipment and communication protocols and retrofitting remote connectivity into them. The cost is dropping, the technology is improving and to use a cliche....There's an app for that. It is a relatively simple process to customize existing technology for industry specific applications. It used to be that field service meant going out into the field. More and more it means remoting in and diagnosing and resolving the issue.
      krossbow
  • Fear and uncertainty

    Remember that the growth of the IoT isn't happening in a bubble. Generations of adults will be coming of age and no doubt have grown up holding an iPad for a rattle. the next couple of generations of adults will be bringing their perspective and expertise to the table. Provided they can put their cell phone cameras down and get to work. Security firms will make a bundle and spawning a whole new industry can't be a bad thing. I cringe when i say this but maybe even the insurance industry will step up to the plate with policies that protect homeowners from security threats and even policies that protect consumers when their refrigerator needs an update. Where there's a will there's always a way and you know better than all of us the "will" and the might of the IoT.
    SmartMouthGirl
  • Fear, uncertainty, and doubt in the Internet of Things

    IoT diagnostic is a big differentiator for future product offerings, and whoever master it will leapfrog the competition. imagine a fictional scenario, you are driving your car, and your brake system detected a catastrophic failure waiting to happen and anonymously phone home to the manufacturer for expert diagnosis. you are then contacted through your IoT dashboard computer / radio / telephone (all-in-one) to proceed to the nearest maintenance depot where IoT spare parts are waiting, work schedules done and mechanics just waiting for your arrival ... or your freezer with tens of thousands dollars worth of goods detected near catastrophic failure that on the outside is not apparent, called the manufacturer that then send the technician with the IoT spare parts without outside intervention. just some of the scenarios ...
    kc63092@...