Internet of Things
What is it and Why do I care?
Rick Ryan
Pitney Bowes Fellow
rick.ryan@pb.com

What is the Internet of Things?
Networks of physical objects connected in order to exchange
data and control the objects.
It extends network connectivity beyond computer, tablets and
smartphones to everyday objects: thermostats, cars,
appliances, lights, farm equipment, medical devices, smoke
detectors…

What Does IoT Enable?
Proactive
Maintenance
Better Customer
Engagement
Transform Business Models
Convenience
Remote
Monitoring
Optimize
Operations

IoT
Risks
Data
Hidden
Costs
Hackers
Vendors share business data
Compromise of customer data
Legal/Regulatory violations
IoT devices and services could:
• spread malware
• open holes in your network security
• allow an attacker inside your network
Increased IT overhead
Ancillary liabilities

PB Experience
Clarity™
Goal of Program
• Decrease maintenance costs
• Increase customer productivity
Overview
• Inserters send data related to machine performance to an
“edge” device
• Edge device “whitelists” data and sends to cloud service
• Cloud service analyzes data and produces reports

PB Experience
Security Challenges
• Customers process sensitive data:
− Addresses, health insurance, financial
• Cloud storage and processing
• Machines are mission critical – impact cash flow
• Network access enables new attack possibilities
Client Firewall
Integrated Services PC
XML File
Generator
TLS
PB Cloud
TLS
Cisco 819
Integrated Services Router
Content
Whitelisting
DC
File
Server
File Share

PB Experience
Addressing Security Concerns
Only collect machine data
Physically segment machine network
One point of external connection
Restricted set of external endpoints
Cloud Service has multiple certifications

Questions to Ask
Consumers to Providers of IoT
Do I need this?
What data is being collected?
• Will you share the data with anyone else?
• How long will the data be kept?
• How is the data protected?
What is your patch plan?
Has your device and cloud service been tested by an independent lab?
What security certifications does your device/cloud service maintain?
What access to my network do I need to provide?
• Ports to open
• Who will connect the devices?
− Do I need to give your technicians network credentials?
• Will connections always be initiated from inside my network?
• What bandwidth is required?
Convenience
Mission Critical
vs.

Questions to Ask
As a Provider of IoT
What data do I need?
• What do I plan to do with the data?
• What are the legal implications?
Do I need remote access?
• What are the safety concerns?
• What are the legal implications?
How will I keep my device/service up to date?
What certifications do I need?

Thank You
Rick Ryan
rick.ryan@pb.com