How much have you spent on server-based, multiple-vendor systems to monitor, alarm, log, and report critical room conditions throughout your enterprise?
Probably a lot more than you might imagine once the total cost of ownership tally includes hard dollars, as well as intangible, ancillary, and contingent costs.
Dollars are being consumed by an unwieldy platform that may expose operations to the ongoing security risks inherent in the Internet of Things.
If You Build It, You Will Spend
First, on-site servers to monitor and log temperature, humidity, differential air pressure, and other conditions monitoring, require a large capital outlay for primary hardware as well as backup and redundancy systems.
Ongoing costs include repair, replacement, maintenance, and upgrades over time. Server-based systems also require a physical footprint.
Expenses include all costs associated with build-out and construction, as well as energy and physical maintenance. (Ironically, there are usually monitoring costs incurred to protect the sensitive hardware that is processing the other monitoring data.)
Before totaling the tally, don’t forget staffing costs. Local IT systems require the watchful eye of a skilled (translate: expensive) staff to maintain, update, and scale, all at significant expense to the enterprise's bottom line.
How much money would be saved simply by nixing the dollars spent on the platform's physical plant and on employees/contractors who keep it running?
Then there’s the security issue, ironically, brought about by the IoT and the system itself.
Toto, I’ve Got a Feeling We’re Not in Kansas Anymore
In 2009, the first internet search engine designed to locate internet-connected Internet of Things (IoT) devices (such as smart meters monitoring rooms, hallways, and physical plant equipment) was launched to catalog the number of smart devices on the internet.
In 2015, the University of Michigan created another web crawler called Censys to index and tag IoT devices, including those used in building automation/control (BAS) platforms.
Data pools from both crawlers are readily available, easy to use, and utilized by security researchers and hackers alike.
There is now a trove of information available to legitimate interests and those of a more nefarious nature, including system version, host ID/license, host name, and even the name of the building where the device resides.
Once a device is located, existing software applications make compromising it relatively easy.
Ransomware and other malware attacks have been targeting healthcare facilities for years, and the costs can be staggering.
In 2015, one hacking exploit alone, named “CryptoWall,” cost victims $18 million in productivity loss, legal fees, IT services, network mitigation, and countermeasures, as well as the purchase of credit monitoring services for employees or customers, according to the FBI Internet Crime Complaint Center.
By October 2016, some 14 hospitals had been hacked coast-to-coast, and an attack on Hollywood Presbyterian Medical Center in Los Angeles subjected the company to $3.4 million in ransom and reduced patient in-processing and communication to stone-age technology.
The threat has not diminished. Ransomware attacks continue to target healthcare enterprises, prompting Raymond Pompon, a principal threat researcher with F5 Labs, to opine in April 2017 that “[R]ansomware ha[s]proven itself as an existential threat to medical service delivery in modern hospitals.”
Significant sums are being spent to protect against the ongoing IoT security threat, and exponentially more is at risk for victims.
There is, however, an alternative to DIY data centers and the measures required to secure them.
Cloud-based services, such as Sonicu’s SoniCloud, for example, require no additional hardware, software, or physical space; no IT resources; and are always updated to the latest version with no added expense or downtime.
What’s more, those hosted on Amazon Web Services AWS US East-West are FedRAMP Compliant, providing unsurpassed system security.
According to the AWS website:
The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
Government agencies using AWS cloud services include the FDA, CDC, NASA, and the US Department of State, and commercial enterprises like Netflix, Spotify, and Instagram are just drops in the bucket of digital companies using the AWS cloud platform.
Not only does the AWS cloud provide continually enhanced security in a dangerous digital landscape, but it also provides continually enhanced performance – at no additional cost.
Software and firmware updates are generally included with cloud-based subscription agreements, and all platform maintenance is performed within the agreement as well, eliminating the need for IT departments or third-party contractors for system maintenance.
“Beware of little expenses. A small leak will sink a great ship.”
Thinker, statesman, and putterer-extraordinaire Benjamin Franklin came up with that one long ago.
We’ve considered some of the greater expenditures and risks required by on-site enterprise monitoring platforms. What about all those small items that ultimately add up?
Check back soon.
