Can IoT help make the enterprise more secure?

Most people think of IoT as a security vulnerability, but Enterprise IoT could also be a security tool — and maybe a privacy issue.

Can IoT help make the enterprise more secure?
Thinkstock

It’s no secret that the rise of the Internet of Things (IoT) presents massive new security challenges. Heck, I’ve written about the issue here more than once. But one company claims that enterprise IoT also shows promise for addressing key security issues.

Tim Lang, CTO at BI and data analytics firm MicroStrategy, notes that 70 percent of security breaches come from the inside, and he says Enterprise Internet of Things (EIoT) can help enterprises “monitor and prevent these breaches before they happen.” 

Lang cites McKinsey estimates claiming that 70 percent of the value created by IoT over the next decade will flow from business-to-business (B2B) applications. He says these B2B applications will use IoT technology to improve many elements of business operations, including security.

The biggest threats lie within

Specifically, EIoT is positioned to help companies mitigate internal security risks.

Lang says: “What IoT brings to the table is a low-friction way of monitoring and tracking who’s in what system when, and sending alerts if there’s activity from unauthorized personnel or a settings change in a highly confidential system. Having this level of intelligence and support allows your team to have one eye open at all times and ensures the security of your most confidential databases.”

According to Lang, EIoT is a much better approach than traditional passwords, which constantly need to be updated and are easily leaked or stolen. More importantly,  passwords and similar techniques are largely defensive, he says.

“In today’s world, enterprise organization can’t afford to constantly be playing defense, they need to be on offense," Lang says. "Utilizing EIoT gives companies the ability to mitigate security threats before they happen. For instance, if you’re alerted of activity in a system coming from outside the office, you can immediately see who it was, [see] what they were doing, and decide whether additional action is necessary.”

Meet your “digital twin”

Here’s how EIoT works: By adding sensors and connectivity to refrigeration units, automobiles, or assembly lines, vendors create “digital twins” — virtual representations of a physical object complete with key attributes and metrics. MicroStrategy applies this concept to people, creating a “digital badge” called Usher to enable the digital “twinning” of employees, partners and customers.

“The device projects the badge holder’s identity to the system,” Lang says, and “can stream data about the person’s context and actions in real time” to power security and other analyses.

Lang says MicroStrategy already uses Usher internally, and it is testing it with customers around the world. The concept makes sense, but I have to admit I find it a little bit creepy. Even in a workplace environment, I’m not sure I like the idea of a digital mini-me being tracked by my employer.

While employers may have the right to monitor their workers’ movements and actions, the process might just as easily sap morale as boost productivity, especially in positions that require creativity and initiative.

Even more worrisome, the technology seems easily transferrable into other environments, enabling comprehensive tracking in the real world. And that strikes me as more “big brother” than digital twin.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT