Oct 24 2016

ELC 2016: Security and Privacy Are Key Considerations as Agencies Enter IoT

For systems that connect sensors at the edge to federal data centers, protecting data must be part of the design.

The Internet of Things is still in its infancy, but as agencies deploy systems such as smart buildings and connected vehicle fleets, securing personal data and government information is essential.

“The security discussion comes up on a daily basis,” said Andrei Chursov, senior adviser to the administrator of the General Services Administration. Speaking on a panel at the 2016 ACT-IAC Executive Leadership Conference in Williamsburg, Va., Chursov explained that security should be an essential consideration at every step of an IoT project.

GSA has been a leader among federal agencies in piloting IoT deployments. Chursov noted that the agency has a smart-buildings program that includes 19 facilities, collecting about 30 million data points each day. The results have been encouraging: reductions in operating costs, water usage and energy usage.

GSA is also using IoT to manage a fleet of 200,000 leased vehicles. The system uses sensors to remotely monitor the location, performance and behavior of vehicles, allowing the agency to plan routes more efficiently and prevent unauthorized use.

Agencies Embrace IoT

Other agencies are just starting to take advantage of the capabilities IoT can deliver. Ron Bewtra, chief technology officer of the Justice Department and a panelist at ELC, advised agency leaders to plan carefully before starting work on deploying systems.

Agencies considering an IoT project should start by addressing several important issues. Bewtra suggests that IT leaders:

  • Establish a framework for developing the system
  • Think deeply about policy
  • Give serious consideration to privacy and security

Other panelists echoed Chursov’s and Bewtra’s concerns about security. Designing privacy and security measures into IoT systems is essential, said Chris Smith, vice president of the Global Technology Office for AT&T Global Public Sector Solutions.

The recent distributed denial of service attack on Dyn, a major host of domain name system servers, highlights the need for IoT security, said Peggy Irelan, senior principal engineer for data engineering and industrial solutions with the Intel Data Center Solutions Group.

“Agencies must be able to monitor IoT operations and make sure systems are working as they should,” Irelan said, adding that IoT operators should be able to shut down systems remotely if they start acting outside specific parameters.

Ultimately, IoT presents agencies with significant challenges, but the opportunities it offers are worth the effort, panelists said.

“IoT has the potential to accelerate all the problems we see in open data,” Bewtra said, but agencies can’t shy away from this challenge.

“I think it’s incumbent on us to lead from the front on this,” Smith added.

To learn more about IoT, check out the CDW infographic “The IoT Is Becoming the DNA of the Modern World,” at fedtechmag.com/IoT-infographic.


Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT