The growing IoT divide

What gets measured gets managed – and monetised.  The Internet of Things’ (IoT) central promise is its ability to let companies see, measure, control, or profit from actions that takes place in their enterprises.  It promises to automate activities that were previously manual, control what had been unmanageable, and record data that used to be ephemeral. 

The far-reaching possibilities of IoT have captured the attention and imaginations of decision makers at all organisational levels, from the front line to the C-suite.  As a result, IoT deployments are now perhaps the most anticipated, but least-understood, initiatives, of IT departments today. 

Earlier this month, a new Cradlepoint Business Intelligence Report* called “The State of IoT 2018” revealed the current IT practices, perceptions and future plans surrounding global IoT deployments. The findings of the underlying study revealed that even though over 69 per cent of organisations have adopted, or plan to adopt, IoT solutions within the next year, 40 per cent of companies have serious concerns around cyber security.   This union of anticipation and misunderstanding has produced a vast divide in the world of enterprise IoT between what businesses say they believe and how they plan to act.    

As IoT continues its rapid expansion, many organisations will attempt IoT implementation projects.  These are high-pressure projects.  Organisations that fail will be a step behind at best and at worst could “succeed” in implementing a solution that undermines network security, overtaxes the company’s resources, and/or doesn’t deliver true ROI.  Those that truly succeed will be poised to ride the wave of the digital transformation with even newer technologies, like future 5G wireless networks. 

IoT in action 

Of those surveyed 32% of organisations already use IoT.  Large enterprises clearly have the lead on IoT adoption, with 30 per cent of respondents from organisations with at least 10,000 employees saying they had already implemented IoT.  The smallest companies surveyed, those with 500-999 employees, take second place when it comes to rates of IoT implementation with 27 per cent.    

A closer look at adoption 

Measuring IoT adoption rates is not enough.  The industry also needs to understand where IoT stands among companies’ many competing priorities, who is driving adoption and why.  Over a quarter (27 per cent) of IT pros identified IoT as a top initiative in the coming year.  Given the impact potential of IoT, you might be surprised to see this technology sitting at the middle of the pack among businesses’ key initiatives.  To my mind the reason is clear.  IoT demands a new way of networking, and it appears that organisations are rightly prioritising two bedrocks of IoT success: 

  • Infrastructure modernisation (39 per cent) 
  • Security (47 per cent) 

Successful implementation of IoT technologies requires a network infrastructure engineered for the realities of the distributed and vast nature of IoT.  Likewise, security is one of the greatest risks presented by IoT technologies.  Businesses should make these infrastructure and security updates with future IoT projects in mind. 

The decision to adopt IoT hinges on two factors: ROI and Security 

Survey respondents consistently demonstrated that ROI and security are the top factors they consider when preparing for IoT implementation.  Lack of ROI (35 per cent) and security risks (41 per cent) are the potential pitfalls that keep IT up at night – and they’re also the issues catalysing IoT adoption.  Among those organisations that have already adopted IoT, it’s safe to assume that some are pushing forward despite the risks.  Others have identified methods of safely and cost-effectively deploying IoT technologies.  Others are still in wait-and-see mode. 

The DIY trap: history repeating 

Enterprise networking is undergoing a digital transformation, and IoT is just one element of a larger movement toward networks defined by mobile connectivity, the cloud and automation.  This shift, along with IoT, is creating the need for an Elastic Edge.  No longer are enterprise WANs just for connecting fixed-branch locations.  The Edge Network is being pulled and expanded at an astounding rate with the proliferation of IoT devices, mobile and in-vehicle networks, and the need to connect more to the network than ever before.  The unifying thread within this massive shift is a movement away from a build-your-own proprietary network approach toward a Network-as-a-Service approach instead. 

Yet the survey’s findings reveal that IT Pros overwhelmingly prefer to use internal resources for all aspects of IoT implementation and support. The study shows that about half of the organisations surveyed are deploying IoT solutions on their existing enterprise network and 57 per cent prefer to manage their own IoT device security. 

In an age when organisations top priorities are shifting to Networking-as-a-Service methodology, many organisations stay stuck in patterns of the past, trying to build and manage IoT systems themselves. 

Organisations that plan to implement, house and manage IoT in-house are taking a back-to-the-future approach.  These technologies are part of a fundamental shift forward in enterprise networking – yet most companies plan to implement IoT in a way that parallels an outdated way of networking. 

Iron(y)-clad security practices 

It’s no wonder that IoT security is a top concern for organisations looking at implementing IoT technologies.  High-profile, IoT related breaches like 2016’s Mirai botnet have been so disruptive that even most of the general public recognises the security risks associated with these technologies. 

Yet nearly a year after the discovery of Mirai, it seems that many IT pros haven’t absorbed the lessons of that attack.  According to our survey, nearly half of organisations planning to implement IoT projects using internal resources also plan to house those networks on the core enterprise-wide network. 

Ironically, the most popular application for IoT today is security.  Approximately 71 per cent of respondents who already use IoT technologies say they’re using it for building security – in other words, the very types of devices that Mirai used to perpetrate its attack.  In an effort to increase physical security, IT teams are undertaking projects that could make their companies less secure – in both the physical and digital realms – than they were before deploying IoT. 

Further, companies are holding back from seizing the opportunities of IoT because of fears that centre on the very avoidable practice of housing IoT devices on the core network. 

IoT confidence gap between IT leaders and IT doers 

Those driving adoption of IoT technology are IT leaders – managers, directors and above.  Non-IT leaders, like executives and boards of directors, also play a role in driving IoT adoption, followed by line level IT staff. 

In every aspect of IoT implementation and management, people with director-level and above titles showed more confidence than IT managers and staff.  For example, IT directors and above are 14 per cent more confident than staff above their teams’ competence to build an IoT solution in-house.  Similarly, IT directors and above are 15 per cent more confident than managers that their company can implement an IoT solution. 

IT decision makers driving IoT adoption should see this confidence gap as a red flag – especially if they are planning to implement, house and manage IoT systems internally.  Companies whose leaders open the door to frank discussion with staff responsible for implementing and managing IoT may find that their expectations aren’t in line with staff expectations.  For organisations concerned with ROI, conducting open conversations with line-level IT staff could make the difference between achieving bottom-line gains or missing the mark.  These conversations may also reveal a need to bring in trusted vendors and partners to help manage implementation. 

Best practices for IoT planning and adoption 

The entire technology industry is based on constantly improving on how things have been done in the past.  It’s alarming to think that many leaders in IT and business are planning on using yesterday’s methods to address today’s challenges.  That said, readers who see their own organisations reflected in these results, should not lose hope. 

The following best practices can help companies close the divide between what they say they want, and what they’re going to do. Specifically, these best practices will allow companies to mitigate the potential for a massive security incident, and increase the odds of achieving ROI on IoT systems: 

  1. Treat network security as a foundational consideration from the inception of the planning process, not as an afterthought. 
  2. Do not try to implement IoT applications using only in-house resources and IT generalists.  Work with one or more trusted partners with IoT expertise to drive initiatives forward effectively. 
  3. Consider whether legacy network infrastructure – which requires manual, error-prone, and time-intensive network segmentation and policy orchestration – can really meet the needs of this fundamentally different technology. 

* Conducted by Spiceworks, the study surveyed 400 IT professionals in the U.S., Canada and the UK at companies with at least 500 employees across 22 industries. Respondents are all involved with IoT strategies and decisions at their organisations.    

Hubert de Costa, GM & VP EMEA, Cradlepoint 

Image Credit: Everything Possible / Shutterstock