Joseph Micallef

Chief Operations Officer at BEAT

Ing. Joseph Micallef is Chief Operations Officer and Partner at BEAT, a Maltese niche-based consulting firm specialising in the provision of project management, strategic advice and business transformation solutions.

The risks of embracing IoT

Tuesday 13th November 2018

While there are broad and exciting applications for IoT (the Internet of Things) technologies in business, the implication of their widespread usage is not without complication or risk, particularly from a security and environmental perspective.

The threat to cybersecurity

Nowadays, there is a lot of noise about IoT, as the technology has finally emerged into mainstream public view. IoT technology includes everything from wearable devices equipped with sensors that collect biometric data, to smart home systems that enable users to control their lights and thermostats, and connected toothbrushes designed to help improve brushing habits. These devices typically come with built-in electronics, software, sensors and actuators. They are also assigned unique IP addresses, which enable them to communicate and exchange data with other machines.

There is no doubt that IoT devices make our lives easier. Smart home technology, for example, can help users improve energy efficiency by enabling them to turn on (and off) lights and appliances with the tap of a touchscreen. Some connected devices, such as smart medical equipment and alarm systems, can even help save lives.

However, there are also serious security risks associated with this technology. As the IoT ecosystem expands, so does the attack surface which can be exploited by cybercriminals. In other words, the more we rely on connected technology in our day-to-day lives, the more vulnerable we are to the cyberthreats that are increasingly tailored to exploit vulnerabilities and design flaws in IoT devices. This presents a daunting challenge for cybersecurity professionals. They must not only protect their own devices, but they must also defend against threats targeting external machines that might connect to their networks.

Even if service providers promise us the best-secured encrypted protection, it therefore goes without saying that it is perfectly sensible to raise the question of privacy and security when we discuss IoT.  Many believe that as with any technology, an organisation’s IoT deployment is only as secure as the human beings who operate it. Awareness training and ongoing education throughout all levels of the enterprise, therefore, are deemed critical. This applies to both device manufacturers and the companies that invest in their technology. Even though substantial progress has been registered in this regard, I still remain somewhat undecided about the risks associated with cyberthreats, and  until I am better convinced, I would tend to take the more cautious approach, and limit the exposure of my business and that of my clients’, on the connected space.

As we said before, thanks to the timely convergence of many technologies, anything can now be reached and interfaced with, anytime, anywhere. This is fertile ground for application developers. But as electronics are increasingly embedded in the economic and personal fabric of society, we will need to manage these devices beyond their useful life, both to protect the environment and to maintain our supply of materials.

The challenge of e-waste

We have established that these technologies have become critical to our way of life and to our growing economy. With these technologies, however, comes the increasing challenge of protecting human health and the environment from the harmful effects associated with the unsafe handling and disposal of these products. There are many proponents of the view that e-waste is one of the world’s fastest growing waste streams. With the pervasiveness of IoT, the production of e-waste is bound to accelerate. Electronic equipment used throughout the IoT value chain will eventually end up as e-waste. Even at United Nations level, there has been a strong move to raise awareness of the dangers of e-waste, and to encourage the inclusion of e-waste management in the design of national policies for information and communication technologies (ICT).

For a substantial part of my career, my core involvement as a Lean preacher and practitioner has been that of identifying process waste, and ensuring the maximisation of resource capability in organisations. Across the years, I have seen so many opportunities for process and material waste to be eliminated, or heftily reduced.  Experience has thought me that more often than not, this waste comes from the improper definition of the basic activities, tasks, and a poor description of associated business rules.

There is strong evidence that having IoT introduced into processes can greatly contribute towards addressing many of these issues, provided that the codified process is designed and implemented intelligently enough. I would expect that the beneficial aspects of the introduction of IoT into organisations can be an opportunity to save on various process and physical types of wastes generated (and hence less pollution: less material scrap to go to landfills, less energy consumed, etc.).  For this to occur, however, products should be designed and manufactured to reduce their lifecycle environmental impact. Environmental concerns should also be an integral component of smart manufacturing, which has a symbiotic relationship with the Internet of Things.

There are benefits in tracking e-waste. If IoT-enabled objects were to have not only a standardized Global Positioning System (GPS) tracking capability, but also some sort of universal e-identification, it would facilitate recycling, reuse and end-of-life management. This could help to overcome the cost challenges of collection and recycling, and open up new opportunities for the private sector, such as the recovery of rare-earth metals. It would also facilitate the enforcement of regulations restricting the use of certain hazardous substances.

The widespread deployment of IoT technologies has the potential to boost efficiency and productivity in both domestic and enterprise settings, and to improve our quality of life. However, these attractive possibilities need to be accompanied by a strong sense of awareness, and a determination to implement actions which mitigate the risks we mentioned in this article, so that we can exploit IoT, while safeguarding our future.