This week’s Ask the Expert is answered by James Sinton, Head of Technology Services at IMS Evolve.
Ask the Expert: How do you build security into legacy infrastructure?
The Internet of Things (IoT) is creating opportunities for businesses across every industry. However, the big question for the C-suite is how do they ensure their business is taking full advantage? There are a huge number of vendors offering different ways to roll out the technology and so selecting the right provider for each company is no mean feat. One significant consideration is whether or not to invest in IoT enabled equipment or instead look for a way to leverage the data that is sitting in an organisation’s legacy devices.
Many businesses do not want the upfront costs associated with ripping out and replacing their existing infrastructure for IoT enabled devices and so adding an IoT layer to the equipment already in place offers an attractive alternative. How then, can businesses implement this securely? Take the cold chain in the food retail industry as an example. The cost of replacing every in-store fridge, freezer or food delivery van is simply not of immediate appeal for a large retailer, though the addition of IoT technology can directly benefit its core business objectives of selling produce; by improving food quality, reducing waste and, ultimately, delivering a better customer experience. In addition, for the food retail industry and many others, the legacy infrastructure within organisations often has mounds of untapped data that can prove vital in ensuring IoT deployments serve to meet these goals.
Security, however, is of course a huge consideration for businesses looking to adopt IoT technology. Not only do they need to keep valuable data safe, but it is vital that all technology complies with increasingly stringent data protection regulations. This is where a project incorporating legacy infrastructure can come up against a roadblock – that as non-connected devices, legacy infrastructure does not have the benefit of in-built security. Not only can this pose a challenge for protecting the data generated by legacy machines, but once the devices are connected to the business’s main network, there is the risk of a potential breach to contend with.
This is where Edge computing comes in. This refers to an architecture where data, rather than being hauled into the public internet and large corporate networks for analysis, is processed at its source at the edge of the network. So how does this help with security? Connecting straight to the cloud can leave the infrastructure and the data it generates vulnerable. This is an open invitation to cyber criminals to exploit company data, exposing not only those devices, but the entire network to security risks such as Distributed Denial of Service (DDoS), Man-In-The-Middle attacks and hacking.
Edge computing puts processing power at the source of IoT data, meaning that not only can data be analysed as soon as it is generated, but secured. By having computing power at the Edge, an IoT deployment can be designed with an in-built security layer. As IoT deployments move into sectors where increasingly critical devices and data are being handled, it is vital that the data is protected. Take health care for example. As medical equipment becomes IoT enabled, there is no room for error – regardless of the device, there must be inbuilt edge computing capabilities that allow the device and the data it generates to be protected.
As businesses undergo digital transformation, there is a careful balance to be struck – value, cost and security. IoT has the potential to drive huge business value, and legacy infrastructure IoT solutions allow the full benefits of the technology to be reaped without the eye-watering cost of ownership. The final piece of the puzzle has to be security. For the majority of businesses, security has to be a number one priority and any IoT solution that does not account for security is simply not viable. By adopting a solution with Edge computing capabilities and baking in security from the get-go, businesses can move forward with innovative technologies without being hampered by security risks.
Enjoyed this Ask the Expert? Check out What benefits come from running a partner programme?