Trade show HANNOVER MESSE provides an international platform for the latest in industrial transformation to be showcased, debated, and experienced. Multi-industry participants across research and development, IT, production, supply chain, and communications share ideas and inspiration on industrial transformation.
At this year’s event, it was clear just how important fast and secure access is in our hyper-connected world has become. However, devices, machines, robots, and more, simply cannot connect to the internet of things (IoT) using a traditional network infrastructure model. They should instead connect securely to the cloud using the principles of zero trust.
Expand and contract: a brief history of connected devices
Before long, all devices and machines will have an IP address or be managed by something that has an IP address. That’s beneficial to move manufacturing and other industrial endeavors forward, but what we must avoid is a repetition of mistakes made over the years in secure access and connectivity.
The internet began as an open, free-for-all environment in which anyone could connect anything. Corporate networks were shielded from the outside world with firewalls.
As more devices connected, and more data was created, organizations began to claw back control, restricting access and securing information exchanges.
Like an elastic band, free access to information would expand and then contract. It has been this way with each new development in interconnectivity. First, everything is available and easy to access, then it is restricted, only to be opened up and then restricted again.
This will be the case with the IoT and, in fact, the entire interconnected world of technology. From e-bikes to robotic arms, and everything in between, they will all be enthusiastically IP connected. When the insecure reality of this strikes, restrictions will have to be imposed and access made more specific.
Orchestrating the IoT
The risk is that those restrictions will, as history suggests, be very network-focused. Our cybersecurity legacy is to impose firewalls. Security is important, and risk management is important. Access should be restricted appropriately but not necessarily by securing perimeters.
For starters, attempting to manage and control operational technology (OT) and IoT connected devices within individually-walled gardens misses the point that, long-term, a multitude of interconnected services will have to be orchestrated.
IT isn’t core business for most organizations; it is a means to an end. However, as companies automate and simplify their business operations, they gain multiple layers of technology. That requires business logic orchestration to determine who can connect to what, to achieve what result.
What does this mean for industrial transformation?
Right now, the IoT is revolutionizing factories, warehouses, supply chains, and more, generating new business models. It is rare for these innovations to be retrofitted for existing, legacy systems and operations. Companies simply cannot afford the integration downtime.
Instead, they adopt new innovations to be competitive, often through mergers and acquisitions with other companies. Start-ups aren’t hampered by legacy and can build from scratch for the new world. This industry consolidation will result in the reuse of new technologies for wider applications.
Enterprises do need to develop anew to compete, but they must also make what already exists better. In this, technology is an enabler. It can help remove friction by improving existing business models.
Zero trust creates a clear line of sight from data origin to destination
Companies are envisioning an interconnected world, but they must consider application security protection at the same time. This is where zero trust comes in. It stipulates security beyond the network to secure individual connections, with tightly controlled access according to roles and responsibilities.
In this way, security rises above network ‘noise’ with its firewall, multiple systems, and legacy infrastructure, to only allow connections that should happen. Zero trust overlays the ‘broadcast’ communications of the network, creating a clear line of sight from data origin to destination.
This enables companies to evolve beyond network infrastructure thinking. For the interconnectivity they now need, they must instead think at the application level. This is undoubtedly a shift for companies used to a ‘castle-and-moat’ approach of securing the perimeter. It is a much-needed shift though because, as industry accelerates toward a wide-ranging, innovative IoT, zero trust can help realize corporate aims for secure connected machines, devices, and applications.