Cloud computing and the internet of things: how to minimise risks
Fifteen years ago, in August 2001, the beta version of Amazon’s cloud computing service was launched under the name of EC2: “Elastic Compute Cloud”. These days Amazon’s cloud computing business (Amazon Web Services) is the market leader – only last year, it boasted sales of over $11bn and, according to newspaper The Economist, “shows no sign of slowing its progress towards full dominance of cloud computing’s wide skies”. In parallel, the Internet of Things (IoT) is also on the rise, with experts estimating that it will hit 50 billion objects by 2020.
There is an incredibly tight connection between cloud computing and IoT, which is why we have decided to look at concerns related to these new technologies and suggest ways for how to tackle them, on behalf of companies that want to jump on the bandwagon and start using them.
Understand connection between cloud computing and IoT
First, we must understand the reasons for the connection between cloud computing and IoT.
One of the main reasons is that IoT technology is still in its pioneering phase; it is therefore likely to be developed by innovative businesses, whose managers are likely to prefer the flexibility and price efficiency of cloud solutions. Secondly, the main aspect that makes IoT so interesting in the technology sector is the amount of data that it can generate, which can be then analysed in order to draw relevant conclusions about users, market trends and so on. The cloud infrastructure perfectly answers this requirement for massive data storage, since it is cheap and flexible.
The UK Information Commissioner’s Office (ICO) recently published a blog article where it gave the public information about how to “protect themselves” when using IoT devices (full text here). Although IoT devices are not as “dangerous” as the blog post title might imply, there is a real need to be aware of the risks of this technology and to take the necessary steps in order to avoid (or at least minimise) risks. The main concerns are security of the devices and privacy of the personal data.
The ICO identified six tips for people preparing to use IoT devices:
- Researching the security of a product before buying it, including finding out about updates and how the manufacturer deals with security issues;
- Ensuring that the router, as the main point of connection between your IoT devices and the internet, is secure;
- Setting passwords that are not easy to guess and making sure that different user names and passwords are used for each account/IoT device;
- Checking the manufacturer’s website periodically for security updates and installing them;
- Understanding the specific security and privacy characteristics of each IoT device before starting to use it;
- Using two step authentication whenever possible, in order to make it even harder for outsiders to break into your device.
3 tips to minimise risks on cloud computing adoption
These tips were targeted at the wide public, but we believe there are some useful lessons for companies in there too. We therefore extracted three important pieces of advice that are suitable for companies:
- The first piece of advice to take away is to do proper research before starting to use IoT devices; researching the product itself is not sufficient, relevant information should also be gathered on the manufacturer.
- The second tip is to ensure that all access points, whether physical (router) or technological (log-in) to the IoT devices are properly secured, either by means of multiple layers of authentication, encryption or by other specific security features.
- Finally, the third piece of advice is to periodically check for security updates and to make sure that the newest version of software is downloaded on your devices – older software is more vulnerable to threats.
Given that IoT and cloud computing are on the rise, it is a good idea to start looking into these technologies and consider how, and to what extent, your company might want to use them to boost productivity. But before that, make sure to follow the suggestions above in order to minimise the possibility that you or your company are subject to a hack or cyberattack.