Gartner forecasts that by 2020, 20.4 billion devices will be connected across the Internet of Things (IoT). The IoT brings the promise of new possibilities, but to unlock them, agencies must change how they think about data and how to keep it secure.
There are four primary ways IoT can provide value to agencies and support innovation:
- Driving operational efficiency – improve effectiveness while simultaneously reducing cost
- Improving constituent experience – discover new ways to engage users
- Mitigating risk – improve security by detecting failures before they happen
- Driving mission success – discover new paths to mission success through data insights
Both Department of Defense (DoD) and civilian agencies are currently using connected technologies including drones, cameras, sensors, satellites, etc., to support their missions. For example, the Air Force is combining surveillance and flight sensor data to provide detailed threat information in real-time; the Navy is using a network of connected buoys with sonar capability to detect submarines more quickly and efficiently. On the civilian side, the General Services Administration (GSA) is using a network of low cost motion sensors to turn off the lights when employees are not at their desks – reducing environmental inefficiencies and overhead costs.
While the potential for innovation is great, federal IT teams face a number of challenges when implementing and using the IoT. For starters, up to 80% of IoT data will be unstructured, and these data points have to be stored, managed, and analyzed in a methodical way. For agencies, this means preparing their aging infrastructure for the influx of data from IoT devices on the edge.
The biggest challenge, however, is security. As agencies implement new layers of architecture and processors to harness the IoT, they must address cyber security concerns for both operational technology (OT) devices and traditional IT devices – not straightforward, as IT and OT have very different goals and drawbacks. And, there are an enormous variety of IoT devices that will come into play, each introducing a different level of risk.
It is important for federal agencies to be “paranoid, but not paralyzed” when it comes to IoT security. If approached in the right way – by having heavily encrypted storage environments and a cyber plan that provides for the protection of all endpoints/networks – agencies can effectively manage the security risks and take advantage of the significant opportunity ahead.