Managed service providers (MSPs) need to consider whether to implement the Internet of Things (IoT) as part of their portfolios. IoT software is becoming standard across virtually all applications and networks, so MSPs should possess at least a cursory knowledge of the IoT to better suit client needs. Adopting IoT technology into a portfolio can present an excellent growth opportunity for service providers, but it can also come with drawbacks. Carefully weigh your options before making a decision.
The Definition of IoT
The Internet of Things is a concept that describes connected devices. Connected means that they can be reached through some sort of network and exchange data.
We’re not talking about servers or personal computers here. IoT involves industry-specific devices, smart homes, vehicles, and appliances (believe it or not, an IoT refrigerator can send you messages).
If you have spent some time in the MSP industry, you can instantly imagine the possible threats which can stem from the IoT concept. Just imagine the flow of data from microwave ovens, printers, and coffee machines that is reachable through the Web. However, with the IoT there are also plenty of opportunities.
How Service Providers Can Leverage the IoT
In the planning stages, managed services providers should group IoT devices and select which devices, platforms and services can be supported and included in their given offering. Depending on how it is put to use, the IoT for managed service providers can be either positive or negative.
IoT as an Opportunity for MSPs
Currently, 20 billion devices are connected worldwide — a number that’s predicted to grow to more than 62 billion by 2024. As this disruptive market trend grows, MSPs will be forced to decide whether adopting IoT technology is necessary to stay relevant in a competitive business environment.
Managed service providers could offer clients comprehensive solutions for running, monitoring, and managing IoT devices. MSPs that adopt IoT tech can analyze device data, provide ongoing management over data centers, and fill a gap that’s quickly expanding as more people jump on the IoT bandwagon.
As with all new technology implementations, you must take the bad with the good. The IoT can potentially present new challenges for MSPs — namely, security threats. Current predictions put the cost of cybercrime damages at a whopping $6 trillion by 2021. Furthermore, as of right now, Symantec has a database of 74,180 pieces of recorded Internet data (and growing), listing vulnerabilities, malware, spam, and phishing threats.
Service providers considering a move into the IoT space may encounter the following IoT security issues:
- Insecure interfaces. The concept of the IoT is relatively young, and some developed interfaces can be easily surpassed. Hackers can exploit IoT devices such as smart cars, smart home systems, medical devices, and embedded devices. An MSP must take due care to ensure the long-term security of IoT devices before implementing them to safeguard against harmful and costly cyber attacks. If a given device or group of devices is considered too insecure, it is strongly advised not to offer support for your client.
- Insecure network. IoT devices may be reachable through either local or global networks. Thus, as an MSP, you should plan how you would add the given device to your clients’ network. Vulnerabilities in network services, including buffer overflow, denial-of-service attacks, open ports, services, and an exploitable universal database are all examples of IoT-based problems that could leave the network vulnerable to attacks. One connected device left unattended can lead to a ransomware infection across the entire network.
- Exposure of confidential information. Incorporating the Internet of Things into your services as an MSP could potentially expose your business and your clients to serious privacy issues. If you add IoT technology to an offering, keep an eye on data that is being processed and stored. A lack of proper data protection and the collection of unnecessary sensitive information could lead to severely damaged reputations and financially damaging breaches. Restricting access to personal information and collecting only what’s critical to the function of the device can help prevent these issues. Don’t collect data that you cannot secure.
How to Include IoT in Your Offer
IoT can be included in different parts of your offering. For example:
- Hardware installment and management. Choose the type of hardware you trust and can offer your customer (like connected fire alarms, security cameras, printers and so on). Don’t try to support every solution on the market. There are hundreds of new platforms appearing every year, and it won’t be time-effective to try and master them all.
- Security. As part of addressing network and software security issues tied to connected devices, and before upselling a security package for your customers’ IoT devices, carefully review the exact devices they have, list them, and plan and test your protection practices.
- Data storage and backup. Many IoT devices are used to track and collect data. That data should be somehow stored and backed up. If you already perform data backup and management for the given customer, it might be a good idea to include connected devices with that package.
It is always important for managed service providers to compare the benefits of implementing IoT with the potential risks. As the IoT expands and develops into millions of connected products, the possibilities for new growth are endless. At the same time, however, more IoT devices mean more IoT security issues, more opportunities for hackers to take over, corrupt systems and steal sensitive data. Effective security is possible with IoT for managed service providers, but only with the right provisioning and planning.