The role of the risk assessment in any IoT rollout

While cyber security needs round-the-clock consideration, the process of mitigating risk should not be onerous, but rather positive. These risk assessments are about being prepared to meet the challenges as they happen, rather than having to take remedial action later down the line.

Matthew Margetts, Director of Sales and Marketing at IoT company Smarter Technologies, explains the importance of IoT risk assessments.

The Internet of Things (IoT) is a phrase that communicates the positive power of technology in the home or workplace, and the ability to take control to direct an outcome remotely. From switching heating controls to flushing toilets and replenishing items, the IoT automates, optimises, and controls both simple and complex day-to-day tasks.

But what if the control is hijacked by someone unknown, operating at a distance with a dark motive?

Matthew said, “as a manufacturer of remote monitoring and control equipment, I was recently asked about security to prevent third-party attacks along with the security audits we support and sponsor. At this point, it must be noted that we use a radio spectrum that is not truly the ‘Internet of Things', but we are lumped into that category. But the principle of security is the same: one must undertake a risk assessment on any equipment being introduced.”

At a minimum, a risk assessment should cover:

  • What are you monitoring?
  • How is this being done?
  • What would happen if the data were lost, tampered with etc?

In 99 per cent of cases, the risk is minimal as the data flow is linear, heavily encrypted, backed up, and the monitors do not affect the operation of the underlying equipment.

Where a device can take control, such as in an auto flush system or entry door control mechanism, clearly, the operational software and device firmware need to be understood, and, at minimum, meet UK standards. Further, the operational protocols need to include provisions for if the equipment malfunctions, how that is captured and remedied. If people get locked in a revolving door, for example, you need definitive, easily accessible information on how to get them out.

Matthew added, “IoT risk assessments are not onerous. I believe that conducting a risk assessment allows the client to look at the operations of a property or unit independently of the IT piece. This presents an opportunity to consider separate systems and outcomes. Importantly, the client considers how they act on the data they are capturing, ensuring that the patterns that are revealed are understood and that the associated benefits can be harnessed across the organisation.”

Cyber security is a 24/7 consideration, but the process of mitigating risk should be a positive experience. It is about being prepared and ready to meet the challenges rather than having to take remedial action.

More News
7 hours ago
Dynabook updates dynaEdge AR smart glasses solution
Dynabook Europe has announced an update to its dynaEdge AR (Assisted Reality) solution with the launch of the dynaEdge DE200, the next generation of its Windows 10/11 Pro mobile edge computing device.
4 days ago
Employers must take action to protect staff against Omicron variant
With the threat that the new Omicron COVID-19 variant is posing to the workplace, Mike Robinson, Chief Executive of British Safety Council, advises how employers can best manage the risks particularly in the run-up to Christmas.
4 days ago
Local Authority carbon neutral strategies flawed
Almost nine in ten councils have declared a climate emergency – but faced with multiple, often contradictory, pressures and targets, how many have any confidence in the next steps to take?
5 days ago
Hybrid working preferred by two-thirds of Brits
Two-thirds (66%) of those who currently work at home say they prefer this to a full-time in-person office work model and a quarter (25%) will look for a new job if forced back into the office. RingCentral is urging leaders to ensure their teams have the tools and resources they need to maintain a flexible, hybrid approach to work.
6 days ago
Avocor announces its new E Series
Avocor has launched its new E Series interactive displays. Available in four sizes, ranging from 55” to 86”, the E Series features optically bonded glass in a 4K IR interactive display format.
1 week ago
Ingenico launches PPaaS Payments Platform as a Service offer
Ingenico has announced the full commercial launch of PPaaS, its Payments Platform as a Service solution to its clients and partners. Built on a new cloud-based technology stack, PPaaS is a key component in the evolution of the Point of Sale (POS) into an ecosystem enabler.
1 week ago
Payroll provider Intelligo makes finals in ReWard Strategy Awards
Intelligo, the company behind the payroll solution MegaPay, has been shortlisted for the finals in seven categories of the prestigious ReWard Strategy Awards.
1 week ago
Sustainability should be driver behind retail digital transformation
With COP26 taking place earlier in the month, the actions needed to mitigate climate change are now becoming a serious priority among world leaders.
1 week ago
Atos and Metropolitan Police Service strengthen relationship with new contract
Atos has been awarded a contract by the Metropolitan Police Service to deliver Application Management Services to support the Service’s digital policing vision for up to seven years.
1 week ago
Over 1/3 of finance professionals felt vulnerable in last 12 months
A recent Chartered Body Alliance global survey has revealed some realities regarding the treatment of customers in vulnerable circumstances, including that 33 per cent of respondents working in financial services considered themselves to be vulnerable within the last 12 months.

Login / Sign up