The ultimate guide to implementing IoT
Joey van Kuilenburg
IoT is a digital technology revolution that is even bigger than the industrial revolution. The Internet of Things is one of the most palpable consequences of the Fourth Industrial Revolution, of which we currently are in the early stages. Just as it happened during the previous revolutions, early adopters, professionals able to create or adapt their business around the new technologies, will ensure their competitive edge during the following decades. As always, knowledge is power.
The keyword of the decade was “disruptive” from Netflix to Uber and Airbnb. New technologies disrupt markets previously thought to be stable and straightforward. It is creating organizations that are able to challenge decades-old established industries with less than one-thousandth of their competitors’ capital.
In order to adapt to this new situation, or even becoming a disruptor yourself, one of the most critical concepts to understand and to implement is the Internet of Things (IoT).
This whitepaper will focus on the benefits and the challenges you may face during the process of implementation of IoT.
Table of Contents
What is IoT
It is important to know the meaning of “Internet of Things”. According to Wikipedia, IoT is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled. Let’s break that down:
First, IoT is about connectivity. All your things are connected through the internet. Things refer to any physical object that can be uniquely identified (by URI or Unique Resource Identifier) and that can send/receive data by connecting to a network. Examples are buildings, vehicles, smartphones, shampoo bottles, cameras, etc. They can be connected among themselves, with a central server, with a network of servers, with the cloud, or a mix of it all and more.
Second, IoT is about information and communication. Everything is sharing information to their designated endpoints either other things or servers. They are constantly sending information about status, actions, sensor data, and more. All of them with their unique ID attached, so that it is possible to know where the data came from.
And finally, IoT is about action and interaction. These last two concepts define the core of what IoT is: connection and information sharing. However, all that data isn’t generated just to be stored somewhere and forgotten. It has to be used for something. And that use can be automation: computers using the data to automatically (or even autonomously) make decisions and, for example, with the help of Machine Learning, act. And that usage can also be monitoring: letting people know the state of something or some process. The people may be the users of a product or the overseers of for example a production line.
— Download this article as a pdf ebook —
Early adopters who are able to create or adapt their business around this new technology, will ensure their competitive edge for years to come.
The Ultimate Guide To Implementing IoT
Early adopters who are able to create or adapt their business around this new technology, will ensure their competitive edge for years to come.
There are two types of IoT: CIoT and IIoT. The difference is that CIoT often focuses on convenience for the “Customer”, whereas IIoT is strongly focused on the “Industry” and is more system-centric. Its focus is on improving the efficiency, security, and output of operations with a focus on Return on Investment (ROI).
How is it different than, say, using a Programmable Logic Controller (PLC)?
The difference is the Internet. A PLC is limited by the number of inputs and outputs, distance of cables, processing power, and internal storage.
With IoT the number of inputs and outputs is unlimited, and processing and storage can be delegated to the cloud, to edge computers (that is, decentralized and localized), to smartphones, or a combination of the above. This makes IoT much more flexible and scalable.
The near future
Aside from the advances in Artificial Intelligence (AI) and Machine Learning, there is another technological advancement nearing its implementation that will also provide many advantages to IoT: the fifth generation of wireless, popularly known as 5G.
The current generation, 4G LTE allows on average up to 1 Gbps of Internet speed, a great jump from the limit of about 50 Mbps of late 3G (even though early 4G allowed only up to 100 Mbps).
5G, on the other hand, eventually allows more than 20 Gbps of speed, and internet devices such as routers will be much more optimized. With the expansion of IoT to everyone’s daily lives, soon tens or even hundreds of billions of devices will be connected to the internet at any time.
Summarizing it all, we could say that the definition of IoT is: connecting devices so they can exchange information in order to perform and optimize actions and processes. It can be implemented as something as simple as lights that turn on when they detect that your smartphone has connected to the Wi-Fi, or as complex as traffic lights that base their state on real-time traffic data.
With new technologies, there are always potential issues related to lack of maturity and adoption that have to be kept in mind while considering implementing it, such as:
- Investment costs: it involves adding new hardware, modifying existing ones, hiring specialized personnel, building infrastructure, et cetera;
- Security: all your data will be sent to the cloud or to in-house storage via network connectivity. With everything connected to the internet that means you have yet another security concern in your facilities, aside from hacking into storage servers and administration computers: hacking into the devices themselves;
- Infrastructure: obtaining and implementing all the technological and communication infrastructure, such as databases, Wi-Fi or network coverage, fast internet, and systems designed for handling IoT;
- Obtaining hardware: in order to meet the needs of the present and future (which cannot be predicted), systems need to be flexible enough to evolve and adapt. Open integrated hardware and software platforms, and a real-time network that can scale with new technologies would be required to adapt to the changing requirements over time.
These challenges will be covered along the way, in order to give a better understanding of their current state and how they may affect your business, if at all.
Industrial IoT requirements can be specified as follows:
- Cloud computing: Cloud computing enables storage and processing of unstructured and structured data into real-time information.
- Access: Another IIoT requirement is its accessibility from anywhere and anytime.
- Security: Security is an important factor that forms a part of IIoT requirements since confidential and sensitive information is exchanged across the businesses.
- User experience: The more seamless the User Experience (UX), the greater the use of IIoT systems.
- Smart machines: Smart machines form the basic components or the starting point from which all connected things can be derived.
- Asset management: Managing assets through cloud-based services ease the functioning and maintenance of IIoT systems.
- Big Data analytics: Analysis of big data provides intelligent information, an ideal requirement for industrial purposes.
It is important to ensure not only that you know how to implement it, but what to implement it for. This way you ensure that IoT will improve your business in a way that will not only repay the investment but open the possibility for higher cost-efficiency of your existing service, product or production line. It could also enhance your existing products and services by adding new features and possibilities — and even create new business.
Step 1: Clearly set your business objectives
If you do not have the knowledge yourself, you can reach out to specialists, engineers, and experts. They can better help you figure out if IoT requires an investment that you can cover in the short term. Together you can figure out if the returns end up being at least as much as what older, more established solutions provided.
Clearly define what you want to achieve with the help of IoT. You have to figure out and state plainly:
- The problem you are looking to solve;
- What do you want to achieve by solving it:
- In the short term;
- In the long term.
- What is the best way to solve it?
It is also advisable not to start with an “all in” implementation. IoT can more easily be implemented gradually, restricting it to the amount of capital you’re able to expend every month or year on process optimization. For example, start with data gathering, then add data analysis, then start acting on the data, and just then start automatizing processes based on the data being gathered. You can even add machine learning later on if you feel it could help you.
For example, let’s say you’re having problems with logistics: your factory fabricates many different parts and assembles many different products in the same space concurrently. In order to better organize everything, every part and the assembled product has a defined space where they are neatly stored. As you already noticed, that is very space-inefficient, and hauling from a line to storage or from storage to another line may take a long time. But if you put everything together, they would be harder to sort out.
What is the problem? Inefficient logistics inside the factory space.
What do you want to achieve? Space, time, and, of course, cost-efficiency.
- Short term: free up more space for more lines, more efficient use of personnel.
- Long term: add more lines, automate the process as much as possible.
How can that be solved? The spacial position of each object or group of objects (as well as their amounts) can be stored in the cloud, and whenever one must be retrieved or stored, the closest idle person (or robot) can be tasked with hauling it to or from a predetermined position.
If you use Uber, you already see something similar happening: when you request a car to pick you up, the app uses your position to signal the closest drivers, who can then choose whether to take the job or not.
Step 2: Research tested IoT use cases
IoT is relatively new but exists for long enough to have gotten well developed and established in some areas. The number and variety of enterprise IoT initiatives are growing, which means there is already a number of compelling use cases. After identifying your problem and goal(s), you should check if they fall within some of the more common use cases of industrial IoT:
- Preventive Maintenance: keeping track of the status of the amount of wear, damage of parts, oxidation as a way to prevent irreversible or expensive damage;
- Automatic Refilling: tracking fuel and oil levels, as well as filter effectiveness, so that they can be refilled or replaced before they are used up, allowing continuous operation;
- Resource Micromanagement: constantly measuring the usage of energy, water, and gas, so as to avoid waste and allow better use of resources;
- Asset Tracking & Management: both examples used above fall into this. It consists, as the name suggests, of tracking assets: objects, vehicles, even people;
- Environmental Monitoring: getting data on the environment, such as humidity, pollution, water quality, soil humidity, temperature and such;
- Design for IoT: a new product aimed at consumers, business or industries designed to have built-in integration to IoT networks;
- Access Control & Security: controlling access to physical, digital or network space to better make use of labour time;
- Process Control & Optimization: getting data on process efficiency and applying it to increase efficiency;
These cases, among others, have already been tested and applied successfully in other companies or industries, and as such they are easier to implement. Once you have your problem defined, you should investigate if your problem falls into one of the already established and tested IoT solutions, meaning the implementation will cost less than if experimentation and tests were needed.
Step 3: Decide on the correct hardware
When you decide to go ahead with adopting IoT technology, it is time to figure out what will be involved in it. That is figuring out every device or asset that will be integrated into the network.
This hardware consists in its most basic form of sensors, that is, devices used to provide data on something, such as weight, volume, temperature, humidity, color, pressure, sound, vision, etc. The data gathered by the sensors then must be sent somewhere over the internet. this means another type of hardware required is connection devices, used to connect the data-gathering sensor or other hardware to the network used for IoT. Other devices that may be involved include edge computers and actuators. What needs to be used depends on what you want to achieve. New gateways and protocols are nowadays specifically designed for IoT use, e.g. Zigbee, Z-wave, 6LoWPAN. Not all devices run on these different protocols. So be aware about connectivity and interoperability before you commit to a purchase.
Sometimes just adding the necessary modifications to existing equipment may be enough. Other times, they may have to be replaced by ones designed for IoT.
In general, the sensors need to be low energy devices in order to maintain operable for a long period without having to replace energy sources.
Let’s take the logistics problem used before: in this case, every part, every hauler, every production line’s start and endpoints and every robot, later on, will be connected to the internet.
Every hauler, human or robot, would need to be tracked by GPS or any other position tracker. The spacial position of every storage spot would have to be tracked by the network, as well as the position of every part: at the end of a line, being hauled, stored, at the start of a line. Simple motion sensors may be enough. Or maybe each part may need a unique ID, like a QR code. It all depends on the complexity of the problem.
Step 4: Selecting IoT tools
The internet is the foundation of IoT (so make sure you have a high enough internet speed!), but the IoT devices are what make it useful: they are constantly working for you, doing what you tell them to do, in order to make your business’s process more efficient.
An IoT device is any device that is able to be connected to an internet network in order to:
- Gather sensor data, process it, and send it through the Internet to its designated endpoints
- Receive commands through the Internet in order to control actuators and do a task or a set of tasks;
- Or do both.
The information presented in the “Hardware” step involves turning common devices into IoT devices, through the addition of sensors and other IoT devices, such as the development kit used for prototyping.
There are currently a number of IoT-oriented devices that allow the device to “get used” to the user’s habits, predicting their wishes and warning them in case of any problem noticed. These out-of-the-box devices are more commonly employed for consumer use (that is, to create the so-called “Smart Homes”), but some may also be useful for your use case.
Some examples are:
- Smart thermostats, lights, locks, appliances, among others (control by phone and machine learning);
- IP cameras (cameras that can connect to the phone through the internet, sending video data and receiving commands to change where it is looking to);
- Drones (although some drones are manually controlled, modern ones feature self-stabilization, internet connection, and can send camera data, aside from some being controlled algorithmically);
- Voice controllers (such as the Amazon Echo and Google Home);
Not all of these may seem interesting from a production standpoint, but some businesses have found interesting uses for them, such as Amazon and their investments into delivery by autonomous drones. IoT cameras may be a good addition to ensure security inside the physical part of your business even remotely.
In our example, the IoT devices would be the end-of-lines and start-of-lines, the GPS devices attached to the haulers (or another kind of location tracker), and, later on, the hauling robots. In this case, the devices attached to the line would be “adapted” to IoT, while the others would be devices specifically designed for IoT.
Step 5: Selecting an IoT platform
An IoT platform is the software used to control and centralize every aspect of the IoT network and its connected devices, including sending commands and gathering data, commonly by means of cloud integration. It can either be custom made in-house or obtained from a specialized supplier.
Whatever the route for obtaining, it is the foundation of the network, meaning everything else will have to be designed around it. There is no need to consider getting a robust one before the prototyping stage, but it is needed for long-term operation of the IoT implementation. However, you need to bear in mind that every time the IoT platform is replaced, most of the software aspect of the implementation must be changed as well: the IoT platform defines how everything communicates and how data is handled. Changing it is a very costly process.
On the other hand, as soon as it is ready and set up, implementing IoT itself gets much easier: it’s a matter of setting up connections and protocols for communication throughout the facility, following the platform’s guidelines.
Step 6: Prototyping and implementing
Before starting implementation, gather a team from various departments to think it through thoroughly. IoT involves many different systems interacting with each other, meaning you will need people with different expertise throughout the project’s inception, design, prototyping, implementation, and incrementation.
Some of the experts you may need in your early IoT team, depending on your needs (that is, an industrial setting, a farm, a service, etc.), include:
- Computer Engineer: a computer engineer specialized in embedded firmware, to design and implement firmware programs for embedded systems, so they can receive and transmit sensor data;
- Software Engineer: to design and implement computer programs to deal with the network, the API’s, and the data gathered;
- Electronic Engineer: to design circuit boards to be used in the systems;
- Mechanical Engineer: the one who has knowledge of machines and other mechanical components, including their limitations;
- Mechatronic Engineer: knows how to integrate machines and computers, specializing in sensor use;
- Automation Engineer: deals with control and automation of production processes;
- IT Expert: to implement the internet network;
- Manufacturing Expert: someone with knowledge of the production processes, needs, and limitations, to guide the team to your needs.
- Telecommunications specialist: to deal with the variety of protocols, gateways and new monetizing models from the telco carriers such as subscription models for IoT data transfer.
With any project, there is something unavoidable: commitment is key. Implementing IoT technology in your business is a project like any other, and should be treated as such. As Cisco’s IoT Survey reveals, “60% of companies substantially underestimate the complexities of building an IoT service.” So, decide on your outcomes, acquire the knowledge, carefully design your implementation, then test it with a prototype.
Prototyping consists off using already available, less robust systems that can be easily attached and removed as needed, in order to figure out what works and what doesn’t. These can consist of hardware designed with IoT in mind, such as Particle’s Argon and Boron (Development Kits, hardware aimed at the development and prototyping parts of IoT), or even with an adapted Arduino and Raspberry Pi.
If the initial results and the team’s input and cost estimates on full implementation are a reason for optimism, then commit to it by implementing better hardware and platforms with better quality, that is faster and more responsive.
After implementation, you may want to get some other additional experts into your team, such as:
- Information systems expert: to handle data storage;
- Data scientist: to analyze the data gathered;
- Statistician: to assist in data analysis and quality control;
- Security Officer: to adhere to (internal) governance and GDPR (if applicable)
- Computer scientist: to implement machine learning.
Step 7: Gather useful data
The more complex the problem, the more sensors you’re going to need to keep track of everything. Fuel sensors, oil sensors, integrity sensors, and more. That means generating gigabytes of data every hour, every minute, or even every second. The usual tendency when facing large volumes of data is to discard everything gathered as soon as it is used. After all, you would need a lot of storage space to store all of that, which would add to the cost of implementing IoT.
That is the traditional approach to sensor usage: use the data, then discard. With new technologies on data analysis, such as Big Data and Machine Learning, as well as cheaper storage, cloud storage, and cloud computing, there is no need to readily discard it anymore. It can be stored and used to further optimize your processes.
Ideally, the data gathered should be processed, interpreted and sent to a database, where it would remain for a finite (or infinite) amount of time. From there, applications may be used to gather it, compile it and analyzed by data analysts, to ensure quality and efficiency of the processes, detect possible problems, and, of course, find ways to optimize them.
Bear in mind that this matter is much more technical than it looks. Every sensor has its own type of output port (be it analog or digital), and its own output formats. Whatever is gathering all the data will have to convert it to a specific format before sending it to the server storing it, which may depend on the platforms used, IoT managing apps, database type, and the technicians’ expertise. And the data gathering and storing will be done continuously, along with applying it at the time of gathering, if needed.
Let’s take the logistics example again: the objective is to optimize time, space, and cost.
After the initial IoT implementation was made, and the spatial distribution of storage and production lines were adapted to it, it is time to figure out how well this new paradigm is working. From the sensors’ raw data, attached to time data, it is possible to know exactly how much time it takes to haul a part or product between destinations and compare it to the time it used to take.
GPS data may also be gathered in the same way, generating traffic data for the company, detecting bottlenecks and possible ways to make the whole production process more efficient. If the position of machines and production lines ever needs to be changed, this is also a good way to determine if the hauling became better or worse, and how it can be further improved.
Step 8: Apply cold and hot path analytics
Cold path analytics is generally the name given to the decision-making process focused on the long term. It consists of storing all or part of the data gathered by the sensors and interpreted or converted by computers or embedded systems, and analyzing it afterward.
From this data, it is possible to know the status of your assets, production, resources, and systems over time, including the data being gathered in the present. It is the analysis done by data scientists and machine learning software to figure out what needs to be changed to make everything more efficient.
In our example: the process of gathering and analyzing the data on time between hauling steps (that is, between retrieval and delivery), as well as the traffic data of the haulers’ paths from one place to another is the cold path analysis in this situation.
All of that would be stored in the long term and could be analyzed and re-analyzed at any time.Allowing to see the effect that any changes on the work-flow may have on hauling efficiency.
Hot path analytics, on the other hand, is a decision-making process that must be done in real-time, not by people, but by automated processes.
It is commonly implemented for safety measures: if something goes beyond its safety level, everything may have to be shut down at once. You can’t trust someone’s judgment and reflexes to do that fast enough. It is something to be pre-programmednto the edge computers, or even straight into a circuit board, in order to provide the least amount of delay between measurement and action.
In our example: although not as critical as it could be in a chemical industry or health setting, the decision of where each item must be placed, and who or what is to pick up the item, must be done as fast as possible, so it would be delegated to an algorithm.
Step 9: Implement Machine Learning
Machine learning consists of an AI (that is, an extremely complex and adaptable group of algorithms) that is programmed to review data in real-time, identify patterns in them, and, depending on implementation, act on it.
The AI would take the place of or supplement a data scientist, analyzing data in order to predict the need for maintenance, predict human behavior, among others, just by identifying patterns in the data. A famous implementation of it is Siemens’s Internet of Trains, where machine learning, together with IoT, was used to do preventive maintenance of trains and train tracks.
Step 10: Think about security, security, security
In 2017 Equifax announced that 145.5 million US citizens had their identity and credit data exposed after a hacking attack. The information leaked included even credit card numbers. After months in court proceedings, it was decided that the company would have to pay 200 million dollars in reparation, with affected citizens eligible to get a part of that.
In 2018, the European Commission implemented the General Data Protection Regulation (GDPR), a regulation in EU law that defines norms on how personal data stored by companies should be handled and protected, also to prevent breaches such as Equifax’s and to minimize the effects of a breach, in case one does happen.
To protect your business, many measures have already been developed. You can find common solutions in the Risks chapter and for a more detailed approach, the CSA (Cloud Security Alliance) has a complete set of guidelines on how to properly secure IoT networks.
As with any investment, there are always risks associated. As said before, IoT is a rather new technology with very few standards, and few legacy equipment as of today, which means that investing in it is always riskier than investing in already established and well-tested technologies.
On the other hand, the potential that it has of revolutionizing businesses of all types, as well as everyone’s daily private life at home, means that getting into it can lead to great rewards down the line. Once you have gotten a head start: your implementation will be much more solid and stable than those just starting to adopt it. Your competitiveness will rise incredibly quickly.
In order to give you a better understanding of what exactly is at stake when implementing and maintaining IoT technology in this section, you will find some of the most common causes of problems for IoT solutions and how to prevent them.
Risk 1: Failure of Implementation
Simply put, you may not be able to implement it into your business.
Maybe your production facility is situated in an area that does not have fast enough internet. Without a fast and reliable connection, it is not possible to have reliable communication between your things, much less continually send information to storage or analysis.
Maybe your objective requires many things to be done in small time frames. Preparing data and sending it over for example Wi-Fi is much slower than using a PLC or a circuit board. For most applications, the difference doesn’t matter. But if you need time precision and immediate action, you may have to reconsider where IoT will be used, if it will be used at all.
And, of course, maybe there is insufficient budget available. Say you have all the expertise you need, developed a well-thought plan of implementation and the prototype implementation works as expected. But then, when you estimate the budget for full implementation, you realize it is beyond your investment budget, and it would not be possible to do the implementation incrementally.
In order to meet the needs of present and future (which cannot be fully predicted), systems need to be flexible enough to evolve and adapt. Open integrated hardware and software platforms, and a real-time network that can scale with new technologies would be required to adapt to the changing requirements over time, making step 4 (Selection of tools) and 5 (Selection of platform) difficult (but certainly not impossible) to complete.
These are all possibilities that you have to consider when looking for an IoT solution. That is why you have to acquire the right IoT skills to know what works and what doesn’t when it comes to costs and effectiveness. If you do decide to go ahead, do what you can to do so slowly. If the costs are too great, remember: you are still in the project/prototype stage. Scraping it during the process of complete implementation would mean much more money lost. However, the only way to know whether it will work or not is trying.
Risk 2: Internet Failure
IoT brings yet another dependency into your business, alongside money, electricity, water, maybe even gas and compressed air: the internet.
You might argue that business nowadays is already dependent on the internet: they share files and user access through central servers, have online stores, customer support, websites, along with other things. However, whenever the internet is down, there are still things that can be done inside the business building: working on local files, continue production/manufacture, etc.
But, if, for example, your production lines depend on IoT technology in order to function, whenever the internet goes down, production will stop. Even if electricity is still running. You might have an emergency plan in place for these cases but bear in mind that, after becoming used to the automation for some time, we grow dependent on it.
Let’s go back to our example: without the internet, there would be no way to access the cloud storage containing data on the position of each item, much less any way to know where to put each item coming down the line. Production would have to be stopped while the problem is sorted out.
Internet stability is critical. Confirm that your internet provider can offer you fast and stable internet before considering IoT for your business. It is critical for its continuous work.
Risk 3: Security
Security, however, is the biggest problem. When your business starts to depend on the Internet, it develops another weakness: it can be invaded. That means something as simple as a DDoS attack can shut down production, or a well-planned attack can give unauthorized third parties access to all the data gathered by the sensors throughout the years or even your customer’s information.
Having a security breach is the easiest way of making the news in a bad way. If you are a big company like Google and Amazon, that isn’t too much of a problem. If you are a startup, this may mean your demise. Here are some breach scandals that gave some headache to their CEOs (to say the least):
- The Amazon Echo Dot, Google Home, and recently Siri and Skype all recorded users conversations, without their knowledge or consent, and sent it to contactors for manual review. Engineers reviewed and confirmed what happened. Being high-profile companies, this sprung the debate about privacy and espionage of private citizens by companies;
- Geolocation company LocationSmart accidentally allowed users to discover the location of every phone on any of five US carriers (including Verizon and AT&T) as well as three Canadian carriers without the need for credentials. The location data was being provided by the carriers themselves, which promptly stopped doing so upon news of the breach;
- Routers from a number of companies (including major ones such as Cisco and TP-Link) were found to house a virus implanted by state agents at least twice. Once, with the VPNFilter, which was attributed to Russia by the Ukrainian government, that was able to collect data on files being transmitted and execute commands, as well as the Slingshot, which was present in routers for at least six years in a dormant state and was capable of the same things as the VPNFilter, being attributed to the CIA by Wikileaks.
Some measurements are:
Endpoints are all the computers that receive data. Those may be edge computers, gathering data in real-time from a group of sensors, in-house computers, receiving information from those computers after being interpreted and through some kind of protocol, in order to either store it locally or sent to a cloud storage and, of course, the storage computers and the computers used by the data analysis team, which will later receive data from storage.
Endpoint security is the one you should be used to if you use computers on a daily basis: anti-virus software, firewalls, anti-malware, etc. This will prevent malicious software from both affecting your computers and spreading throughout your network.
However, consumer products most likely won’t be enough, you need something specialized: the amount of data being received, processed, and then sent is very fast and can’t be slowed down. The protection software needs to work constantly and shouldn’t interrupt the flow of information.
To ensure that all data being transmitted inside the building was made by your company’s computers and following your specifications, it is a good idea to establish communication protocols: they are “digital bureaucracy”. A series of steps and actions done by a program when initiating and terminating communication with another computer. Properly following these steps means data transmission is done smoothly. Otherwise, there will be errors.
It is also possible to digitally sign every connection, such as is done with HTTPS pages (you may have already seen the green mark Firefox and Chrome have been exhibiting lately near the page’s URL). The digital signature is yours, and only you can access it and implement it into the software.
Authentication and access protocols are a must. They consist of creating different users in a central server that can also be used in other computers throughout the building (or even buildings). Everyone that is hired by the company should be tied to a single user in the network that is restricted to a specific set of permissions and computers that are related to its job. This also applies to the physical world: everyone should be restricted from using other parts of the building unless needed.
This is a way of preventing people with malicious intent from accessing the information they are not meant to access, and that way, preventing a data breach. The means to implement this are many and frequently evolving, such as two-factor authentication, biometric scans, access cards, digital certificates, among many others. Also, use secure passwords.
The central server should also be used to ensure access control in the network: it should control and oversee the ports and data being transmitted inside the facility and also in communication with the outside.
For communicating with external endpoints and helping secure the network in-house, there is also the option of using a Virtual Private Network (VPN), which creates a secure and encrypted environment in the networks and allows encrypting traffic and masking IP, securing your network against outside attacks and traffic interception. But bear in mind that, if getting a VPN service, get a trustworthy one, or your data still won’t be safe.
I’ve dealt with access to endpoints, however, there is also another matter that may sometimes be forgotten: transmissions can be intercepted.
The way to prevent this is through encryption: the data, in binary format, is passed through an algorithm along with a key, the encryption key. The algorithm and the key will determine how the data will come out. And it will come out unreadable, with no apparent format. In this state, it is sent through the network to another computer. This one will have the decryption key. Passing it and the encrypted data through another algorithm will recreate the original data.
There are many encryption methods, each with different advantages and disadvantages: some involve constant keys, some have keys with a limited lifespan, some add other factors into the algorithm. The process of encrypting and decrypting takes time (the algorithms are rather robust, due to keeping security in mind), this means that using this at every endpoint may not be wise. However, when transmitting the data to external servers, this is a must.
Encryption can also be done with “stationary” files: hardware, folders, files, even whole databases can all be encrypted, allowing access only to those who have a password or a key that can decrypt it.
This encryption subject can all sound very hacker-y to people outside of IT, but with computers becoming faster and more powerful every year, it is starting to become commonplace: communication apps such as Whatsapp and Telegram have point-to-point encryption (meaning the only ones that can read your messages are the ones on each point, that is, the sender and receiver), and the cloud storage company MEGA encrypts all of the data stored in it and provides only the owner of the data with access to the decryption key.
Sometimes, people do break through security, as good as it may be. That means you should also consider looking into ways to discover whether you were invaded or not, and whether the invaders have changed anything or not.
Every change, every connection, and such should at the very least be kept logged and monitored.
Keep Software Updated
Although constantly updating software may seem like a chore, keep in mind that is what makes them reliable. Software is rarely ever perfect, and every day new issues and bugs are risen and corrected. With cybersecurity software especially keeping it updated is critical to maintaining your network security: new malware and viruses are created and discovered every day, and the anti-virus companies keep on constant watch for them to catch, dissect and be able to prevent them.
Similarly, keeping the operating system and IoT platform updated allows to fix security problems it inherently has and that could be exploited, and with web browsers just the same.
When all this is being designed, prototyped and implemented, there is something that must always be considered, for every part of the project, and in every step: not everybody that is working on it today may continue working on it in the coming years. As time goes by, employees may leave or relocated, new employees may be hired, and the work done by the ones that left must be passed on to the new people just joining. That is why documentation is needed.
Documenting is the process of detailing, in writing, every detail of a project: all of its process of development and implementation, how to maintain and repair it, procedures and bureaucracies involved, how to work with it, how to do some specific tasks, authorizations, who access to what, and more. It is a tedious but extremely necessary step to ensure that everything keeps running smoothly in the long run. You never know when someone will leave and need to be replaced, nor when you have to replace the hardware with more updated ones, or when you have to replace a device adapted for IoT with one that was designed for IoT.
Everything must be written in detail forming a “master” document, and then divided into smaller documents for specific purposes: maintenance, everyday work, inner workings, theoretical model, listing endpoints, sensors and actuators and their characteristics, and then given to every employee that needs to use it whenever needed.
And remember: the documentation must be kept up-to-date.
Keep investing in security
Remember: nothing is perfect. You may invest a lot into making a very secure network and still get a breach. In order to prevent that, some companies invested in hiring hackers and security experts to “compete” with one another, with the hackers trying to get access to restricted data, while the security experts keep the system secure, preventing their attacks.
The more your company grows, and the more data you have to handle, the harder it gets. As you expand, remember to also expand your investments in security, lest you suffer the same fate as Equifax.
Risk 4: Doing nothing
The risk of doing nothing is much greater than many people think. The old saying ‘innovate or your competitors will set you aside’ is more true than ever. Nowadays the credo is ‘embrace digital transformation or simply die!
However, just as every investment has risks, it also has rewards. IoT is new enough to not be entirely mature in all of its parts, but it is mature enough to have some amazing success stories. Many companies, large and small, have managed to successfully implement IoT into their businesses and are already reaping the benefits of it, and will keep doing so provided they keep investing in perfecting their practices and keeping up with the evolution of software and hardware related to it.
Here are some examples of companies that successfully used IoT, either to improve their company or as a business model:
- Caterpillar: in order to make maintenance and continuous functioning of their facilities, Cat introduced sensors into many parts of their machines: fuel tank, oil tank, machine parts, among others. Then, together with using this data to ensure optimized operation, they mixed it with Augmented Reality, providing their operators with a tablet that could be used to see the data of every machine by pointing the tablet’s camera at it, while also using it to provide instructions for how to perform maintenance or repairs whenever needed. It feels like being inside a video game;
- Smart farming: not exactly a single company, Smart Farming is the use of IoT technology to improve farming efficiency, with technologies such as constant environment monitoring (including localized soil monitoring), drone surveillance, and even Machine Learning to be aware and in constant control of every inch of farming land and the situation of very plant. This allows better use of resources, especially water, fertilizers, and pesticides, ensuring that the crops will get exactly what they need, no more and no less;
- General Electric: GE’s IoT software platform Predix is designed around integrating machine-generated data to cloud computing platforms, allowing GE clients to leverage big data for everything from hospital operations management to airline fuel optimization to electrical grid management.
- DHL: to ensure efficient logistics, the company uses a similar implementation to the example used before, with the addition of just about everything being connected to the network in any way: people, forklifts, incoming boxes, stored boxes, outbound boxes, all of them containing information on position, content, status, among many others;
- Airbus: Airbus’s Factory of the Future initiative aims to provide more workplace efficiency by attaching sensors to tools and machines, thereby connecting them to the network, along with providing employees with wearable technology. The objective is to reduce errors and increase safety, while also increasing productivity along with it;
- FANUC Corporation: using sensors to minimize downtime, following the principles of predictive maintenance;
- Gehring: gathers sensor data in its machines to increase efficiency and reduce downtime, while also providing the same data in a user-friendly way for their customers, explaining how the machines and the fabrication process works while allowing them to see them working in real time;
- John Deere: pioneered self-driving vehicles with their self-driving tractors and advances in GPS technology;
As you can see, the Internet of Things is a rather complicated world, full of intricacies and risks, but also able to give you unimaginable rewards.
Always keep in mind before delving into it that it is much easier to botch the implementation than to implement it well if you dive in without having the right skills. Every step of the project features new challenges, from problem identification to full implementation and continuous investments, and every challenge must be identified, acknowledged, and solved.
For that reason, be sure to form a team of experts and work together every step of the way. If you do it slowly and in well-thought steps, there is no need to fear to invest in IoT. Be sure to accompany your team closely to ensure that you can minimize costs and maximize returns. Do not be afraid to ask, and do not be afraid to research. Knowledge really is power.
Also, remember: IoT is still in its infancy in some ways. New technologies and solutions will come out, and you may want to keep track of them. Do not forget to implement security measures and maintain up-to-date documentation, nor be afraid to scrap the project and start anew if it doesn’t work as planned.
IoT is a great revolution in the way we do things: from day-to-day small tasks to production on an international scale, and it can give you a competitive edge like never seen before. If you’d like more in-depth information and knowledge regarding IoT, Concepts and Terminologies, Monetization Options, Business Orientation, Enabling Technologies, etc, it is advised to upskill through the Internet of Things Foundation certification course or a similar program.
Download this article as a pdf whitepaper
Never miss an interesting article
Get our latest news, tutorials, guides, tips & deals delivered to your inbox.
Related products to help you upskill
The CCC Internet of Things Foundation certification provides the business perspectives of IoT including the advantages of early adoption and monetization models. The course provides professionals with an overview and insight into the emerging technology. It further expands on the technologies enabling IoT and the various challenges to expect. Several scenarios describe the use cases and applications…