The Internet of Things (IoT) is poised to remake the way consumers access and respond to information and drive a profound and fundamental change in business operations. Some even compare its significance to the Industrial Revolution. And the IoT is expanding rapidly: according to industry analyst Gartner, 6.4 billion connected 'things' will be in use this year, and that number will rise to nearly 21 billion by 2020.
So what does it mean for businesses as these new data streams come online? There’s a huge potential to improve service to customers and gain greater insight into demand and trends. But from an online security standpoint, the IoT will be adding billions of new endpoints, and companies that do business with other businesses will have to think through the implications. Here are three points to consider:
Understand data collection compliance for each region and industry you serve
As you implement IoT strategies, it’s important to be aware that there are different data collection and compliance requirements by region and industry. If you serve international customers, it’s crucial to understand that data handling requirements in Europe are typically more stringent than in the U.S. and that American companies that handle data for European customers are subject to European guidelines. Industries like healthcare, finance, and others have their own regulatory considerations.
To make sure you are in compliance with the data handling requirements for your B2B customers, it’s a good idea to continuously conduct audits and evaluate the integrity of your information. For B2B companies especially, it’s crucial to generate regular reporting across all data systems, including accounts payable, customer service and everything in between. Ensure that your data is accurate and compiled correctly so that you can efficiently monitor customer information.
Evaluate new customer needs and continuously reinforce standards
When you bring a new customer onboard in the IoT era, the first step should be to evaluate their needs, recognising that every company is unique and will likely have specific requirements. Enquire about data privacy expectations and any special requirements they have, such as industry regulations, storage in a specific geographical area or private server storage. Once you’ve captured your new customer’s requirements, work with your IT team to make sure the customer’s data standards are met.
Your next step should be to make sure you have a solid process to continuously enforce these standards. It’s advisable to create data security documents to share with customers so that everyone is on the same page regarding the processes to keep data safe. It builds customer confidence when you share codes of conduct and perform frequent security evaluations, so create service level agreements (SLAs) to specifically define what customers will receive. Strong security controls, data encryption, and tokenisation are also highly recommended to protect customer data.
Upgrade security technologies to protect sensitive data
To keep sensitive data away from unintended recipients, many companies are deploying Secure Sockets Layer (SSL) to create encrypted links between online servers and web browsers. The SSL migration is especially important since on-premise software installations are becoming less common as more people turn to cloud solutions. If you haven’t already implemented SSL, it’s advisable to do so.
Hacking also remains a serious problem, so companies are stepping up their security game in other ways to combat cyber theft and data loss. Two-factor identification is an increasingly popular option, with customers and users storing a mobile phone number or email address in their account and receiving a code to verify their identity when they attempt to log in online. This makes it much more difficult for hackers to access B2B accounts and steal data.
Whether your organisation is ready or not, the IoT is set to change the way you and your customers interact, so it pays to prepare now. Complicating the issue is the fact that too many manufacturers are cutting corners to reduce the price of IoT-connected devices and making security a low priority — leaving users with completely unsecured devices that can compromise other assets in the network.
There will likely be a 'Wild West' feel to the IoT sector, at least in the short term, until regulations catch up to manufacturers and impose greater security requirements to protect consumers. In the meantime, it pays to be aware of how lax security can be on IoT devices and address that before sharing new data streams with B2B customers. By being aware of the many issues the IoT raises, you can position your company for success as the IoT era dawns.
Robert C. Johnson, CEO, TeamSupport