As service organizations adopt more remote technology, and our world is increasingly connected, cybersecurity has become a bigger deal for this industry. Back in May, I spoke to Charlie Hales at Waterstons at length about security.
I was reminded again about how the importance of cybersecurity is growing for service when I saw the most recent Circle of Trust report from security firm Utimaco. It is based on an international consumer survey, and highlights just how connected everyone is, and how worried they are about their data as a result.
According to the findings, most respondents are worried about data security (more than 80%) and a little more than a third have been the victim of data loss, identity theft or digital fraud. At the same time, more than 66% of respondents own a mobile device and 38% report using smart devices in their homes.
In fact, despite being worried about security, people are pretty enthusiastic about connected devices, particularly smart TVs, virtual assistants, energy saving devices (like smart thermostats), and security systems. Only 26% of respondents felt knowledgeable enough to make informed decisions about digital security.
These insights have implications for field service on a number of levels. First, we know customers are concerned about data security, while they are also being asked to provide their information to more providers on a larger number of devices. This goes beyond just giving your credit card number to Amazon or Target; all sorts of sites and devices are interacting with personal and financial data all the time.
In addition, more people are engaging with smart devices – everything from connected cars and appliances to home security systems and smart utility meters. These non-computer devices are connected to home and business networks in rapidly increasing numbers.
Field service has been at the forefront of taking advantage of what is often called IoT, with machines interacting with operators, other machines, and service technicians over the internet. This connectivity is at the heart of remote service initiatives and puts field service right in the middle of the growing cybersecurity threat.
Some Customers Balk at Network Access
One of the big obstacles in remote service has been connectivity – customers are sometimes hesitant to allow outside parties or vendors access to equipment on their networks, both to protect trade secrets and to ensure internal security. The Utimaco report backs up some of these objections: When asked if they have ever been a victim of data loss, identity theft or hacks related to a smart home device, 41% of US respondents said yes.
For businesses and customers already grappling with their own highly exposed networks, granting access to service providers can seem like inviting catastrophe.
But, there is a safe way forward for field service providers and their customers – and service organizations not only need to take appropriate actions but also become adept at quelling the concerns of their customers.
First, field service providers must make sure their own house is in order by implementing up to date security technology, working with their software vendors to make sure client data is safe, and maybe hiring an outside provider (since in-house cybersecurity talent is hard to come by) to audit their security infrastructure, make recommendations, and deploy better solutions.
If you want to be able to remotely monitor and connect to equipment operating in a customer facility or home, that work on the back end will help prove you are trustworthy enough to have that access. In the case of commercial clients, you may very well have to provide significant documentation around your own security capabilities.
Second, make sure the connected equipment is also sufficiently secured. In the past, we mostly had to worry about computers and mobile devices having onboard security. In the IoT world, connected vending machines, industrial equipment, and home appliances represent potential security threats – not because they hold valuable data (although in some cases, they might), but because they can be leveraged as launching pads for attacks on other organizations. Or they can provide a gateway into an otherwise secure network.
We have already seen some IoT and smart building-based attacks. Back in 2016, the Mirai botnet launched a massive denial of service attack using IoT devices. In Germany in 2021, a building automation engineering firm was hacked and lost control of its building automation system devices. A similar attack in Finland knocked out the heat for two housing blocks in the dead of winter.
Those types of incidents are a good reminder that service organizations need to take these threats seriously and implement the processes and tools that are readily available to safeguard their remote solutions and, ultimately, their customers.
Do you have any experience with cybersecurity issues, or found strong solutions to secure remote service platforms? Reach out and let me know what your experience was like.