Managing your Industrial Internet of Things (IIoT) environment can quickly become a little like herding cats. With potentially hundreds of thousands of internal and external IoT end points driving an explosion of data, several challenges arise quickly, including IoT-network scaling, lack of support, data protection and security.
The Real Reason Manufacturing Productivity Is at an All-Time High
What’s being called the “fourth industrial revolution” reveals a dramatic improvement in domestic manufacturing productivity, something that has little to do with the winds of politics and rhetoric and more to do with IoT, data and analytics. Manufacturing productivity continues to ramp, as it has been since 1920, owing primarily to improvements in operational fundamentals and, most recently, smart operations and the Internet of Things.
In the factory enterprise, data is coming in not only from the shop floor but also from external customers throughout the entire supply chain. As a result, manufacturers must implement new protocols and precautions and implement new quality control measures.
The Big Risks of IIoT
Industrial IoT in particular has made its way to the modern-day factory floor, offering dramatic improvements in productivity, data visibility and predictability. But at the same time, that heightened level of connectivity opens the door to industrial espionage. The benefits are evident, however, and the genie is out of the bottle. Companies that ignore the potential upside may face a competitive threat. Given these challenges, what are the best ways to adopt IIoT technology while ensuring safety, security and privacy?
In this IIoT environment, what happens in the data center is inextricably linked to what happens on the shop floor. Industrial espionage and theft once required cloak-and-dagger tactics and in-person subterfuge, but no longer: the datacentric focus has shifted the risks to the data center.
So although the benefits of IoT are undisputed and the technology is here to stay, so are the risks and vulnerabilities. ZDNet recently issued a warning exposing how botnets are taking advantage of poorly secured IoT devices for the sake of DDoS attacks. Actors of this nature can use vulnerable IoT devices in the manufacturing industry to act as proxies and route malicious traffic for cyberattacks.
Mitigating the Risks
An important and probably the easiest method of countering this vulnerability is by identifying all IoT devices on the network and ensuring they’re up to date with the latest security patches. This task can be thoroughly and easily accomplished with the help of patch-management software.
When deploying patch management, keep in mind that not all industrial-network-device vendors consider security, and some IIoT devices may not even be patchable. Accompany a patch-management protocol with an appropriate sourcing process that evaluates the security and patchability of devices.
When the growing data volume precludes manual audit or oversight and the number and type of risks is unpredictable, the key to success is bringing that predictability back into the environment. Predictive data management yields two benefits: First, from a customer and operational perspective, it allows for a more optimum supply chain, better insights into what customers want now and in the future, and better control over the manufacturing process. Second, predictive data management mitigates those risks and vulnerabilities.
Managing IIoT also begins with knowing what’s there—a potentially enormous challenge when the extended industrial network encompasses not only tens of thousands of internal IIoT end points but also the end points of every customer and every supplier in the extended global supply chain. Manual network inventories have been impractical since the 1990s. An automated hardware- and software-asset tracker is essential, and even more essential is that it be cloud based to accommodate manufacturing’s increasingly global nature.
Finally, the era of the IT priesthood is over, and the manufacturing network must acknowledge that IT won’t always be the final arbiter of success. Non-IT management will use extended industrial-network-asset data as a major element of critical decision making, supply-chain management and optimization, and creation of a production environment to meet demand. The benefits of knowing where the network end points are, what they do and whether they work are about more than just network management and even cost. This information enables new insights into production patterns and how the extended supply chain functions.
Best Practices in Optimum IIoT
Best practices for achieving an optimum IIoT environment that mitigates risks and vulnerabilities include the following:
- Patch management. As mentioned above, the easiest ways to avoid security breaches are often missed, and many of the biggest and costliest data breaches could have been avoided with basic automatic patch management. Case in point: Equifax’s 2017 data breach occurred in part simply because a patch was missed.
- Predictive management environment. Employing one allows for a more active approach to spotting vulnerabilities before they become too serious.
- Remote inventory. In the face of proliferating IoT end points, maintaining an active and constantly updated inventory is essential to avoid letting end points slip through the cracks.
- A 360-degree view. Implement quality control and management of the IoT cloud not only in the enterprise, but in all trading partners.
- “Low-hanging fruit.” IIoT end points seldom get the same attention as desktop computers, servers and routers. Protect against easy hacks like open TCP/UDP ports and serial ports, unencrypted communications, and open password prompts.
- Network security. Besides the IIoT devices themselves, secure the network connecting them by implementing strong two-factor authentication that first includes a username and password and second an electronically-generated SMS, Google authentication or email. Of course, appropriate password protocols should always apply.
The Internet of Things has reached critical mass, and the risks are becoming more evident, particularly in manufacturing. Fortunately, they can be predicted and managed so the full potential of IoT can still be realized.
About the Author
Dan Blacharski is an industry observer and thought leader and has been a counselor and marketing adviser to dotcoms and startups since the 1990s. He is editor-in-chief of PRBlogs.org.