How the Internet of Things Changes Your Security Model
One thing in life that’s certain is that things change. Over the last few decades, the world has been changing at a much faster clip, thanks in large part to the internet. The high-speed data transfer the Internet facilitates, known as “high velocity, high variety and high volume,” leads to the creation of large amounts of data, exponentially more than most of us could have imagined just a few years ago. Few people were familiar with the term “exabyte” five to 10 years ago, and even fewer knew what it meant (for what it’s worth, an exabyte is equal to a million terabytes). Consider this: a study found that from the beginning of time until 2003, the world had generated a total of approximately two exabytes of data. Ten years later, we were generating five exabytes of data – per day. And we’re generating even more than that today, so much that the term “big data” hardly seems sufficient to describe this phenomenon.
So where is all this data coming from? Today, a lot of it comes from things. Many of the devices we all use on a daily basis are connected to the Internet. The most obvious are computers, smartphones and tablets, but there are others as well. Maybe you’ve received an email alert that a water-sensing alarm in your basement was tripped. Or perhaps you’ve heard about “smart” refrigerators that let you know when you’re running low on milk and automatically add it to your digital shopping list. These are just two examples of the growing number of objects in our homes, businesses and all around us that are equipped with integrated sensors and an IP address to enable them to communicate. Technologies such as GPS and RFID help to connect these objects in an expanding information network known as the Internet of Things.
This growing network is already having a significant impact on the way security systems will operate in the future, creating opportunities for new business models, improving business processes and reducing costs and risks. In old-style integrations, there was a one-to-one connection between systems to exchange data, usually in one direction at a time. Today’s systems now do more than move data in one direction. Today, data movement is a stream of simultaneous, complex conversations, with devices and systems talking and listening to each other, acting independently as they listen for specific events to occur and then taking action based on the information received. These new-style interactions are more like webs, with communication and data flowing in several directions and simultaneously between multiple systems, devices and the cloud.
This new paradigm is changing the way we do business. From a security standpoint, executives need to understand the new capabilities and expectations stemming from the Internet of Things. Under the old model, devices or systems produced data, which was then processed by a human, who would make a conclusion based on what he or she saw and understood at that time. The new model allows devices, systems and people to exchange data and engage in more complex interactions that are occurring in multiple directions, on multiple dimensions and platforms.
To create an example, consider a card swipe that opens a door. If the access control system is tied in to an interconnected building system, there are a number of transactions or events that a single card swipe can generate. For example, as the access control system verifies that the card is valid, video from the surveillance system may be pushed to displays using a video management system and used – via human interaction or facial recognition video analytics – to determine if the person at the door is the cardholder and whether anyone else enters the building on that card swipe. At the same time, the intelligent building control system can call the elevator to the entry floor and turn on lights and HVAC systems in the appropriate area of the building. The IT department can also receive a notification to expect the cardholder to log in to the system, with an alert generated if a different identity logs in or the expected identity does not. All of these interrelated actions can add up to an access control system generating thousands of bits of data per minute, contributing to the five exabytes of data we generate each day.
A fast-growing number of today’s systems including security systems are Internet-driven, so the number of systems that can be integrated is also growing. Devices talk, systems talk, data is aggregated and cross-system information can be analyzed. Yet the capabilities and claims of consumer products such as smart TVs may create a set of customer expectations that cannot currently be met by the capabilities of the security products on the market. Users may expect every one of their devices to be able to be interconnected and combined, and to be capable of communicating with each other to implement tasks. On the back end, they expect all data to be searchable and filterable, and in compliance with standards from government and IT as well as the security industry. This is the future of the security industry.
From a business standpoint, IP-based security systems have the capability to serve as a hub for all interconnected systems and devices in the Internet of Things. To make this a reality, the industry has to be the driving force behind the movement in that direction. To that end, there are a few things to consider.
Technology is advancing fast, and it’s in our best interest not only to accept this idea but to embrace it. This is especially true in the case of the cloud. The number and variety of Internet-driven systems is pushing, and in some cases forcing, wider adoption of cloud-based technologies and systems. This will have a large bearing on how security systems interact, integrate and communicate with other systems, and how all those systems should be used.
Mobility is another area to invest in. The Internet of Things generates ever-increasing interaction between people and devices, and mobile devices are among those used most by people on a daily basis. As a result, adding mobility as a feature facilitates integration between people, devices and systems. The opportunity here is to examine and determine how best to use mobility and the associated intelligence it offers to the security industry’s advantage.
The final point to consider is that the massive amounts of data we’re generating each day have implications for security. When properly sorted, searched and executed, that data becomes intelligence, whether for business, law enforcement or other entities. This intelligence is incredibly valuable and must be protected both logically and physically. This forces interaction, cooperation and collaboration between security and IT to protect and manage the data, including where it is stored, where and how it is accessed and who has authority to access what data.
While it may not be very well-known to a lot of people – yet – the Internet of Things offers the security industry a number of revenue-generating opportunities in terms of interconnectivity and the role of physical security in protecting five-plus exabytes’ worth of data each day. The key to taking advantage of these opportunities is to embrace changes – and the rapid pace at which they are coming – to make sure you’re in a position to do just that.