IOT: A QUICK LOOK AT THE OVERARCHING SECURITY CONCERNS
What is unique about IoT is that it is not necessarily trying to invent new problems, but tries to solve or optimize how we do stuff. Take for example taxis- we have been able to book a taxi for ages, IoT and smart apps simply make the entire process smarter.
So, the very first step for businesses is to have an understanding of the problem they want to solve before trying to apply technology to fix it. IoT adoption should be driven by the value that can be generated by incorporation of the service.
Once the need and potential benefits of IoT is understood, it’s time to tackle the next and most pressing issue relating to IoT- SECURITY!
Securing IoT’s Success
The make or break factor for IoT will no doubt be security. Think about the data you are storing, and how you are ensuring it is safe. As an example: When you book a taxi, you tell the taxi company your exact location. If that service is not secure it can become a problem. Or if your door access system sits in the cloud, and such systems actually exists today, then if the service is not secure you could potentially have your door unlocked from the cloud. Generally, IoT services needs to be built with security in mind, as any failure to deliver the same can cause a huge impact to the reputation of a service.
Breaking it down to the basics, IoT relies on sensors that gives some data back, this data is then used by the services, which then delivers a value to the client.
There are a number problems with this. First of all, the data you are giving off: Is that fit for a 3rd party to have, and where is it stored? Is the service in itself secure? What is your IoT provider doing to keep your data safe?
Then another issue around IoT is the vast amount of sensors that will take part in this. We are talking about as many as 50 billion sensors by 2020. All of these sensors are cheap, low cost devices- a major factor as there will need to be so many of them. When you buy a $7 smart power plug how much security do you then think they were able to design into the hardware?
Another problem is the software: IoT devices use software like any other devices on the internet. Some of them with generic operating systems like embedded Linux. How do you patch 50 billion devices in case of a general vulnerability, like what we saw with Heartbleed in OpenSSL?
And finally there is the service provider themselves. Are they trustworthy? How do you verify they are trustworthy? I am absolutely certain that the same way we have rogue applications in Appstores, we will see rogue IoT service providers.
Don’t Wait, Innovate!
It’s imperative that CIOs and business leaders acknowledge these challenges and begin to evaluate solutions. The challenges should be addresses rather than ignored, and they shouldn’t be a deterrent to implementing IoT in general.
In the industry, we have a term called “Kodak Moments”. Originally a tag line from a Kodak commercial in the 80’s, but in more recent years, it refers to the point where people went from print pictures to digital pictures and Kodak was left with the greatest product in the world, but no one wanted it. They simply failed to innovate in the area- (Just anecdotally, Kodak actually did invent the digital camera in the 90’s they just thought no one would ever use it)!
Businesses today will find themselves with the Kodak moment if there is someone who can deliver the service smarter or better than they can today. Therefore, CEOs and CIOs within organizations focus on how they can innovate in their business. I am not saying that IoT is the only way they can innovate, but when mass adoption takes off, those that have no prepared themselves will struggle to play catch up.
Nicolai Solling, CTO at Help AG