IoT challenges have recently become a hot topic due to the continuing proliferation of IoT devices. But what is IoT, exactly, and how does it affect information governance?
Depending on who you ask, the answer to this question appears to be in the shadowy area now linking once inanimate objects to the rest of the world.
IoT is a technology in which everyday objects (beyond the obvious cellphones) such as household appliances, light bulbs, TVs, automobiles, copy machines, sensors and personal devices have the ability to communicate with each other. Devices with this functionality offer “always on” network connectivity, which allows them to send and receive data without the need of human interaction.
To give you an idea of the potential of IoT, Forbes reported that IoT use is projected to grow from 15.4 billion devices in 2015 to 75.4 billion devices by 2025 — a five-fold increase. Because of this estimate, many organizations are now asking the question: How will this affect our information governance and eDiscovery responsibilities?
IoT and connected devices are bringing in more data than companies ever planned for. One of the biggest IoT challenges that organizations face is deciding what to do with all of that data; dispose of it or keep it? If kept, for how long and where?
With the growing amount of data being generated by IoT devices, how will an organization’s IG processes keep up and help manage it? The reality today is that most IoT data is not captured, stored and analyzed — just overwritten.
One of the main reasons for this delay is there hasn’t been an obvious trigger to cause companies to worry about it. However, many organizations are beginning to recognize the value in IoT data. In addition, new regulatory requirements are causing IoT to become a focus of concern. Perhaps the most interesting reason companies are beginning to pay attention is due to IoT’s role in the courtroom. IoT data can be put on a litigation hold, collected and reviewed due to an eDiscovery request.
Many big names in the high tech arena have begun to offer solutions for specific industries such as manufacturing, transportation and health care. However, these IoT solutions are typically focused on industry processes, not data collection, storage, retention/disposition and data analytics for everyday company use.
For example, offices can have tens, hundreds or thousands of IoT devices pushing data to the internet (or receiving data). If this data needs to be captured, managed and made searchable, who will this task fall on?
In reality, it will likely fall on a combination of legal, IT and IG professionals.
What organizations need to do is create specific IoT policies and processes. They also need a dedicated IoT server to collect the data, secure it, normalize it (so it can be searched) and either directly apply data management policies to it or transfer the IoT data to an existing data management/archiving system for ongoing management.
According to the IoT forecast above, there will be five times as many IoT devices as humans — generating unmanageable amounts of information — by 2025. What will be done with all of that data?