The Internet of Everything is on the mind of seemingly every major technology vendor these days. The IoE is also sometimes called the Internet of Things, though the terms may refer to slightly different concepts. With smartphones, tablets and ultra portable laptops having already revolutionized how, when and where people go online, makers of sensors and other networked endpoints are looking to take things to the next level with an even more sophisticated ecosystem of devices.
Breaking down the IoE: Basic concepts and technologies to know
At the recent Cisco Live U.S. 2014 conference in San Francisco, Cisco vice president Mala Anand stated that the IoE was a model for “business transformation at scale” and referenced the company’s prediction that IoE-related technologies could eventually become a $19 trillion market.
But what is the IoE, exactly? While it is not that different from what currently exists with billions of IP-enabled endpoints all over the world, its name usually connotes increasing scale and complex interactions between machines and humans. Some of the core categories of the IoE may include:
- Machine-to-machine: Smart sensors, robots and servers can communicate to streamline and automate processes such as inventory maintenance, real-time infrastructure monitoring and factory production.
- Machine-to-people: Also known as machine-to-machine-to-people, this category includes increasingly popular devices and services designed for tasks such as health monitoring. Wearables such as the Jawbone Up and Fitbit Flex have extended the reach of data collection and IP networking beyond just PCs and other devices with screens. To give a sense of scale: Last year, Jawbone announced that it collected 60 years of sleep data each night.
- People-to-people: The name sounds strange, but many individuals already use something that fits into this category – social networks. Web-scale infrastructure and highly efficient algorithms keep these platforms running, but the key connections are between humans
On a more technical level, the Internet of Everything entails a slew of new networked hardware. Toothbrushes and refrigerators that connect to the Internet may still be over the horizon in terms of mainstream acceptance, but there’s already been plenty of attention on companies such as Nest Labs. The maker of smart, programmable thermostats and smoke detectors was acquired earlier this year by Google for more than $3 billion.
There are a lot of potential benefits to the IoE. Some industry proponents, such as Salesforce.com’s JP Rangaswami, have argued that the IoE will do for technology what widespread electrification projects did for electricity – make it ubiquitous and an invisible - but constant and important - part of everyday life.
“The net effect [of the Internet of Everything] will be to reduce waste everywhere: in physical flows and logistics, in the movement of people and goods; in logical flows and logistics, in the movement of ideas and information; decisions will be made faster and better, based on more accurate information; prior errors in assumption and planning will be winkled out more effectively,” stated Rangaswami, according to eWeek.
What security risks exists with the Internet of Everything?
Almost as popular a topic as the IoE’s business impact is the IoE’s implications for cybersecurity and privacy. Prominent Internet-enabled properties, from eBay to Adobe, already struggle to steward the private information of users, falling victim to substantial data breaches that in turn fuel future cybercrime, as attackers acquire the credentials needed to go after other accounts. What will happen if and when connections are more pervasive?
A report from Pew Research and Elon University’s Imagining the Internet Center, “The Internet of Things Will Thrive by 2025,” delved into both the risks and possible rewards of an extensive IoE. On the worrisome side are the authors’ expectations that the evolution of the IoE, like the advances in computing capabilities in general, is going to set off an arms race between the security community and cybercriminals.
Certainly, equipping a large number of endpoints with Wi-Fi, Bluetooth and/or cellular radios could be productive in some use cases, such as monitoring for equipment failures and relaying the findings back to a server. But it is unclear what how – and by whom – all of these new data exchanges will be secured.
Taking responsibility for IoE security
Individuals and organizations are right to be concerned about whomever bears the responsibility for securing the IoE. The Heartbleed flaw demonstrates that even critical technologies such as encryption, which shield transactions such as online banking and payments, are vulnerable and in need of increased funding from the many vendors that benefit from them. Given the scope of the IoE, the stakes for cybersecurity are only going to get higher.
“You’re going to have to secure the device or the sensor, you need to secure the data, and you’re going to have to secure that across an open network – it really is a massive, massive change,” stated Stuart Dommet, Intel head of business marketing, according to The Inquirer. “The access to personal data is probably one of the biggest changes we’ve got going forward – and it can destroy your company. It’s very important [that] we understand what that security model is going to look like, because we can’t afford to run private networks.”
Depending on the types of data being transferred, companies and security experts may have to consider locking them down or implementing access controls. In this respect, IoE security may weave in many traditional cybersecurity practices, only at much greater scale than ever before. Due diligence will require attention to a broader range of devices, as well as the knowledge that there is now a larger potential number of attack surfaces that could be gateways for data breaches.
None of this means that consumers have to start worrying now about sensationalist possibilities such as their toasters or freezers being hacked. But it worth examining the tradeoffs that are inherent in the IoE – having network access all the time, everywhere, means that security and privacy strategies have to be front and center. We will take a closer look at managing the IoE in the next part in this series.