IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Top 5 Reasons IoT is different than conventional IT
Fri, 26th Feb 2016
FYI, this story is more than a year old

IT and business are inextricably intertwined. Always have been. When IT systems stop — business stops, revenue stops, customer assistance stops. Perhaps nowhere is this more obvious than IoT. Gartner expects IoT to be one of most business-changing IT initiatives since cloud computing. But IoT is no ordinary IT initiative, no sir. It's advanced IT solution building. IoT requires — perhaps demands — that IT personnel employ a broad range of skills including business acumen, embedded technology expertise, strong interpersonal, communication, and negotiation skills, integration and security expertise, and much more. But here are five areas where IoT is different from traditional IT and where IT personnel should focus on building their skill sets.

1. IoT is business driven. Perhaps more than any technology initiative of our age, IoT will be business-driven. IoT is not a technology solution looking for a business problem. It's a purpose-built solution to solve a specific business problem. Hence, before organisations will invest the capital and human resources to deploy thousands or millions of devices all over the globe, collect and analyse floods of sensor/device data, and automate a business process, the business will want to know the ROI. Businesses are driven by two immutable forces: making money and saving money. IoT serves both of those masters. By connecting and instrumenting things, business can be more responsive to clients, react faster to issues and create new business opportunities, all of which can help make and save money. Therefore, most IoT solutions will start as initiatives that have specific, demonstrable business value. In fact, in a recent Gartner survey, respondents cited cost-saving/efficiency and revenue increases among the top three expected benefits from IoT initiatives.

2. The volume, velocity and variety of data. For literally years, IT has been dealing with a steady – if not meteoric — rise in the volume, velocity and variety of data. And up to this point, we've been able to deal with this rise by throwing technology and money at the problem. But when a business decides to deploy hundreds, thousands or even millions of devices, each with multiple sensors, collecting and streaming telemetry data from geographically dispersed areas, in real-time, it changes the data management game. Where are we going to store all of this data? The cloud? Even if the organisation decides to store and manage IoT data in a cloud-based IoT platform, how long do we keep it? Remember, data stored in perpetuity in the cloud, costs in perpetuity. The bottom line is, whether you store IoT data in the cloud or on-prem, we must get more precise and strict about data management. We need to know the value of the data so that we compare that value to the cost of storing and managing it. When the cost of storing and managing data exceeds it value (or potential value), then it's time to delete it.

3. Combination of Operational Tech (OT) and Information Tech (IT). IoT is the marriage of two very different worlds — operational technology (OT) and information technology (IT) — each with very different technological lifespans and operational requirements. IoT isn't something that IT can wholly own and operate. To create a truly end-to-end IoT solution, IT will need to go into the field, understand their existing operational technology, work with OT engineers and the business leaders who run those OT businesses to gather requirements and build a functional solution.

4. Unique risks created by end-to-end automation. Several aspects of IoT solutions raise new security risks that have yet to be encountered in traditional IT systems. First, the potentially vast array of geographically dispersed edge devices can pose broad and difficult-to-protect physical attack surfaces. Without physical security these devices, their network, or aggregation points could be physically compromised to create a denial of service or replaced so that they send false or invalid data. Another issue is the potential for malware or compromised firmware. These devices and their aggregation points, often have management interfaces over that allow remote access over public networks. If a nefarious person can gain unauthorised access then they can alter the behaviour of the device by uploading a rogue firmware, malware, or library. Finally – and perhaps most importantly – the automated, end-to-end nature of IoT solutions compounds the risk. An attack at the edge could trigger events all the way through to the enterprise systems that could inappropriately act on those events causing serious operational issues or falsely report problems that don't exist.

5. Integration, Integration, Integration. IoT is not one thing; it's the integration of several things. Therefore, IoT requires advanced integration skills and end-to-end thinking. As IT organisations begin to build their IoT solutions, the most prevalent problems they will encounter is the integration of edge devices to the IoT platform and the integration of the IoT platform to enterprise applications and services — especially security, identity and operational applications. To overcome these integration challenges, IT organisations must form an IoT solutions team, led by an IoT architect and composed of a variety of subject matter experts who can diagnose and solve challenges across the IoT solution landscape.