New research on IoT security as Microsoft leans in

No photo availableByJon Gold
4 min read

As with any technology whose use is expanding at such speed, it can be tough to track exactly what’s going…

IoT

As with any technology whose use is expanding at such speed, it can be tough to track exactly what’s going on in the internet of things (IoT) world – everything from basic usage numbers to customer attitudes to more in-depth slices of the market is constantly changing. Fortunately, the month of May brought several new pieces of research to light, which should help provide at least a partial outline of what’s really happening in IoT.

Internet of things polls

Not all of the news is good. An IPSOS Mori poll performed on behalf of the Internet Society and Consumers International (respectively, an umbrella organization for open development and Internet use and a broad-based consumer advocacy group) found that, despite the skyrocketing numbers of smart devices in circulation around the world, more than half of users in large parts of the western world don’t trust those devices to safeguard their privacy.

While almost 70 percent of respondents owned connected devices, 55 percent said they didn’t feel their personal information was adequately protected by manufacturers. A further 28 percent said they had avoided using connected devices – smart home, fitness tracking and similar consumer gadgetry – primarily because they were concerned over privacy issues, and a whopping 85 percent of Americans agreed with the argument that manufacturers had a responsibility to produce devices that protected personal information.

Those concerns are understandable, according to data from the Ponemon Institute, a tech-research organization. Its survey of corporate risk and security personnel, released in early May, found that there have been few concerted efforts to limit exposure to IoT-based security threats, and that those threats are sharply on the rise when compared to past years, with the percentage of organizations that had experienced a data breach related to unsecured IoT devices rising from 15 percent in fiscal 2017 to 26 percent in fiscal 2019.

Beyond a lack of organizational wherewithal to address those threats, part of the problem in some verticals is technical. Security vendor Forescout said earlier this month that its research showed 40 percent of all healthcare IT environments had more than 20 different operating systems, and more than 30 percent had more than 100 – hardly an ideal situation for smooth patching and updating.

That’s a problem when IoT devices make up 39 percent of the endpoints running on those networks. Finally, a report from cloud security company Zscaler said that 41 percent of all IoT devices weren’t using encrypted communications, which is also less than ideal.

Narrow-band IoT (NB-IoT), a technology designed to let IoT devices communicate easily on carrier networks, is now available in areas covering 92 percent of the U.S. population, according to an announcement this month from Verizon.

NB-IoT is aimed mostly at applications that don’t require a huge amount of bandwidth and those that are highly tolerant of latency. It’s not a use-anywhere option for things like keeping driverless cars on the road, but it could easily be used to manage parking meters remotely or testing the batteries in smart smoke alarms. Utilities, asset tracking and things like waste management are also potential use cases for organizations that don’t want to deal with implementing a specialized connectivity layer for such applications.

Microsoft broadens IoT support

Several announcements from Microsoft this month underline the company’s aggressive stance on the IoT market – a partnership with semiconductor manufacturer NXP to bring AI/ML capabilities to Azure IoT  users is probably the headliner, but Microsoft also announced several new initiatives at its Build conference in Seattle to help developers integrate existing applications into modern IoT frameworks.

The NXP announcement will combine Azure IoT with NXP’s new “system-on-module” RT106C Crossover processors, a sensor suite and machine learning algorithms to create an off-the-shelf anomaly detection product for IIoT and other applications. Much of the computational work can be done on the device itself, which integrates easily back into Azure IoT for reporting and further analysis.

Microsoft also announced that existing Windows CE IoT applications would soon be able to function on Windows 10 IoT, making it easier to move those workloads to more modern software. The company moved Azure IoT’s Device Agent V2 software to general availability and announced that the Windows IoT infrastructure would henceforth support the Robot Operating System, an open-source OS for robots being used as edge devices.

Given the emphasis in the IoT world on interoperability with a huge array of different hardware and software, these moves could considerably broaden Microsoft’s appeal as a back-end for all sorts of IoT implementations.

Jon Gold is a Senior Writer that covers IoT and wireless networking for Network World.

 

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co