Site Logo

The role of the risk assessment in any IoT rollout

While cyber security needs round-the-clock consideration, the process of mitigating risk should not be onerous, but rather positive. These risk assessments are about being prepared to meet the challenges as they happen, rather than having to take remedial action later down the line.

Matthew Margetts, Director of Sales and Marketing at IoT company Smarter Technologies, explains the importance of IoT risk assessments.

The Internet of Things (IoT) is a phrase that communicates the positive power of technology in the home or workplace, and the ability to take control to direct an outcome remotely. From switching heating controls to flushing toilets and replenishing items, the IoT automates, optimises, and controls both simple and complex day-to-day tasks.

But what if the control is hijacked by someone unknown, operating at a distance with a dark motive?

Matthew said, “as a manufacturer of remote monitoring and control equipment, I was recently asked about security to prevent third-party attacks along with the security audits we support and sponsor. At this point, it must be noted that we use a radio spectrum that is not truly the ‘Internet of Things', but we are lumped into that category. But the principle of security is the same: one must undertake a risk assessment on any equipment being introduced.”

At a minimum, a risk assessment should cover:

  • What are you monitoring?
  • How is this being done?
  • What would happen if the data were lost, tampered with etc?

In 99 per cent of cases, the risk is minimal as the data flow is linear, heavily encrypted, backed up, and the monitors do not affect the operation of the underlying equipment.

Where a device can take control, such as in an auto flush system or entry door control mechanism, clearly, the operational software and device firmware need to be understood, and, at minimum, meet UK standards. Further, the operational protocols need to include provisions for if the equipment malfunctions, how that is captured and remedied. If people get locked in a revolving door, for example, you need definitive, easily accessible information on how to get them out.

Matthew added, “IoT risk assessments are not onerous. I believe that conducting a risk assessment allows the client to look at the operations of a property or unit independently of the IT piece. This presents an opportunity to consider separate systems and outcomes. Importantly, the client considers how they act on the data they are capturing, ensuring that the patterns that are revealed are understood and that the associated benefits can be harnessed across the organisation.”

Cyber security is a 24/7 consideration, but the process of mitigating risk should be a positive experience. It is about being prepared and ready to meet the challenges rather than having to take remedial action.

More News
1 month ago
How to prepare for the new changes to employment laws
Employment laws are due an overhaul in April, with changes to flexible working, request amends, and protection for new parents and carer's leave, among other changes. Vivek Dodd, CEO of Skillcast, warns that failure to comply could result in serious consequences.
1 month ago
British Safety Council Keep Thriving workshop to take place in Cardiff
As part of its charitable work, British Safety Council is offering SMEs and micro-sized organisations in Cardiff the chance to attend a 3-hour workshop, delivered by its Being Well Together experts, completely free of charge to explore how to develop a well-being strategy.
1 month ago
Mitel appoints new SVP and Head of International Region
Mitel, experts in business communications, has announced the appointment of Simon Skellon as SVP and Head of International Region.
1 month ago
VIPRE Security Group appoints new General Manager of Business Security Division
VIPRE Security Group, a cybersecurity solutions provider, has appointed Usman Choudhary as General Manager of its Business Security Division, encompassing VIPRE EDR and Advanced Threat Protection for Email, SafeSend for Email, and Inspired eLearning security awareness training.
1 month ago
Ascentae unveils smart workplace experience centre
Ascentae, a UK-based workplace solution and value-added distributor, has announced the opening of a new Experience Centre in the heart of Clerkenwell, London.
1 month ago
IT at forefront of sustainability efforts, but lacks proper tools and expertise
A report commissioned by OpenText has found that IT departments are playing a major role in achieving corporate sustainability objectives and cited the lack of innovative tools and expertise as the primary challenges they face in meeting those goals.
1 month ago
Harrison provides bespoke manufacturing services to B&Q stores
B&Q set out to find a partner that could provide a range of display components, including a new-look dump bin. While the products had already been designed by B&Q, Harrison was invited to tender for the project at a later date.
1 month ago
Leyard Europe LED supports new educational exhibition
A 4K CarbonLight VX LED screen from Leyard Europe forms the heart of a new inspirational and educational exhibition at the headquarters of the European Molecular Biology Lab (EMBL), Europe’s flagship laboratory for research into life sciences.
1 month ago
Crawley Town Centre BID invests in AI visitor behaviour platform
Crawley BID has invested in Place Informatics Visitor Behaviour Platform to help understand, manage, and improve town centre services and events.
1 month ago
Viking re-establishes presence in Ireland
Office supplies reseller Viking is re-establishing its presence in Ireland with the opening of a distribution centre in Dublin, the development of a local sales team, and the creation of a local customer service centre.

Login / Sign up