Success for a modern business requires an awareness of how rapidly the tech landscape can evolve. Just five years ago, smart devices and voice control were something that belonged in the office of the future. Today, the Internet of Things (IoT) is an established new avenue of technology that is enjoying worldwide uptake, and is expected to push beyond 20 billion installed units by 2020.
While the consumer uptake of IoT devices has continued to increase (from 3.02 billion in 2015, to a projected 12.86 billion in 2020), business has been slower to adopt, but the momentum is starting to grow. Combined business use is projected to increase by about 250% by 2020,compared to 2017.
If implemented correctly, IoT can bring significant benefits to business. Industry-specific tools can help better collect and utilise data that can then be used to increase efficiency, improve supply chain management and identify potential bottlenecks – all of which can save time and money.
But why has it taken businesses so long? Several factors are likely to be causing reluctance in business owners, such as the limitations of their budgets and uncertainty over which devices are likely to provide longevity. However, the single largest concern should be the increased cyber security threat that the IoT can pose if it is not effectively managed.
One of the primary benefits of IoT is the additional functionality that can be added to day-to-day objects. From printers that automatically reorder ink to automated lighting, convenience coupled with the simplicity of plug-and-play installation can make it easy to forget that these devices need to be treated with the same security best practices as laptops and servers.
Any device connected to the network has the potential to become a point of entry for hackers. It therefore follows that rapidly increasing the number of devices being added to a network can make the attack surface increase at a dangerous rate, as there are more potential weak points that could be overlooked.
Getting used to the idea of IoT integration is another concern. While every device that connects to the company network should maintain the same standards of security best practice, IoT devices can easily be overlooked – it is still not common to consider software updates for lightbulbs. Not only that, but applying them could become extremely time consuming. In these instances, a patch management tool can help to ensure that no device gets left behind.
Too much of a good thing?
This is not to say that IoT should be excluded from the workplace. On the contrary, as long as they are correctly installed and secured, IoT devices offer great opportunities to improve the office space. The question is, how should a business decide which devices to introduce to their office, and which are not worth the increased security measures required?
Devices that help to produce for a more comfortable working environment will offer immediate benefits. Smart thermostats and lighting can have a positive effect on wellbeing and productivity, while the additional controls can help to make savings on energy usage.
Enhanced controls for printers, servers and locks can allow managers and IT staff the ability to monitor remotely, making sure that devices are maintained, updates are implemented, and the office is secure. Not only will this save time, but can minimise disruption as issues can be identified and resolved quickly.
As convenient as it may sound at first, smart fridges and coffee makers will not do much to improve productivity. Not least because of the importance of regular breaks, which means that employees may actually get more benefit from taking a few minutes away from their screens while a kettle boils. Similarly, false conveniences like motorised blinds are likely to use up more time and money in their implementation than they are worth.
Ultimately, automation is about increasing efficiency. When choosing which IoT devices to adopt, make sure that they would present a tangible improvement on the current environment, otherwise there is no good reason to make the change.
How to keep the network safe
The installation of new devices offers an excellent opportunity to look again at the existing security measures and policy to make sure it remains fit for purpose. Further security improvements can be made by considering both the users and the network itself.
Establish a security culture
Key to effective cybersecurity is the idea that any security are only ever as strong as the weakest link. This is especially true of the people in an organisation. From weak passwords to being unable to identify suspicious activity, human error accounts for four of the top five causes of a data breach.
To ensure that everyone is on a level playing field, all members of staff, regardless of their position in the company, should receive training to minimise avoidable mistakes. This training should be the first step in reframing the company’s relationship with security so that it is a daily focus for everyone.
Limit additional devices
While the in-house office devices protected with antivirus, firewalls and endpoint security protection will be secure, they are not the only things that need to be monitored. Use of smart devices is huge commercially, meaning that employees are likely to bring their own devices to work in the form of wearable tech and smartphones. While the primary security risk is the loss of personal data, if a vulnerability in a personal device was exposed and then it connects to the office network, it could put company data at risk as well.
In these instances, it is vital that a ‘bring your own device’ (BYOD) policy is in place that covers wearables as well as phones, tablets and laptops. Having staff sign up to this agreement ensures that users take individual responsibility for ensuring their devices are running , and that they are utilising measures like two-factor authentication.
Use a secondary network
A simple solution to protect data from the increasing attack surface of the network is to establish a second secure network where sensitive client data can be held independently, with stricter access controls and fewer users with the credentials to connect. Should a breach occur on the main network, the chances of suffering significant losses could be minimised.
What has become clear in recent years is that the Internet of Things is only going to continue expanding into every area of modern life. Increased implementation in the office will continue and best practices will gradually adjust. In the interim, additional consideration will go a long way to prevent inadvertently adding vulnerabilities to the network.
Any new technology brings with it fresh threats to security, but as long as the company has considered each new device on its merits and only implements them when there is a justifiable reason, IoT can bring businesses of all sizes great benefits to staff wellbeing, office dynamics, efficiency and productivity.