Let’s Go Smart and Forget The Rest?

No doubt more and more things will be connected to the Internet. The result is more data, and a lot more data. According to a report by Mckinsey, the number of Internet of Things (IoT) devices would increase to 30 billion by 2020. Wide-ranging applications of IoT are being developed, it will change the way people carry out everyday tasks and potentially transform the world. For example:

  • Smart lighting is not only cool, but also reduce energy consumption and lower electric bills.
  • Connected cars linking up with smart city infrastructure can reduce congestion.
  • Connected healthcare devices, such as Fitbit and portable diagnostics devices, track health data and give us a fast and convenient way in monitoring our own health. Personal emergency assistance systems for elderly and beacons-attached firefighting uniforms track a person’s inactivity and increase the chance of saving someone’s life.
  • Beacons trigger in-store discount offers. Inventory sensors on shop shelves improves inventory planning and replenishment, reducing the out-of-stock frustration.

IoT Security & Privacy Issues

Too much data:  The amount of data that IoT devices can generate is staggering. A Federal Trade Commission (FTC) report entitled “Internet of Things: Privacy & Security in a Connected World” found that fewer than 10,000 households can generate 150 million discrete data points everyday. This creates more entry points for hackers and leaves sensitive information vulnerable.

Vulnerability to hacking:  Researchers have been able to hack into all sort of devices on the market with sufficient time and energy, which means hackers would likely be capable to do so too. According to the AT&T’s Cybersecurity Insights Report Volume 5, many IoT device manufacturers fail to incorporate even basic security measures, and the devices arrive in the market with security flaws that make them attractive to hackers. Even more vulnerabilities are added when several companies are involved from design to deployment (one company designs an IoT device, one provides component software, one operates the network, and one actually deploys the device). It is often unclear which company is ultimately responsible for security.

Eavesdropping: Manufacturers or hackers could actually use a connected device to virtually invade a person’s home.

Worth a thought

While companies investigate how it might use IoT and the collected data for business purposes, they cannot forget “security by design” by building security into their devices, rather than treat it as an afterthought. A defense-in-depth approach, where security measures are considered at several levels, may be needed for systems with significant risks. For starters, companies must ensure that their employees adhere to high standards of privacy practice. Those that work with third-party developers also have the responsibility to provide adequate oversight to protect the privacy integrity of the system.

Some advocates of data minimization suggest focusing on certain types of use restrictions to protect consumer data. With this approach, legislators, regulators, self-regulatory bodies, or individual companies would set “permissible” and “impermissible” uses of certain consumer data. ________________________________________________________________________________

[1] http://www.mckinsey.com/industries/semiconductors/our-insights/the-internet-of-things-sizing-up-the-opportunity

[2] https://www.gsma.com/iot/news/smart-traffic-key-step-towards-smart-cities/

[3] https://www.forbes.com/sites/reenitadas/2017/05/22/10-ways-internet-of-medical-things-is-revolutionizing-senior-care/#d7d34135c8f4

[4] https://www.forbes.com/sites/louiscolumbus/2017/03/19/internet-of-things-will-revolutionize-retail/#32feecfc5e58

[5] https://proximi.io/5-amazing-projects-beacon-technology/

[6] http://www.businessinsider.com/internet-of-things-security-privacy-2016-8?IR=T

[7] https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf

[8] https://www.business.att.com/cybersecurity/


2 comments on “Let’s Go Smart and Forget The Rest?”

  1. Thank you for your blog on the security of the data, it was a great post. Individuals are enjoying the convenience that all kinds of smart products they use in daily life. As customers getting used to this convenience day by day, they also started to worry about what the company would do with the collected data that comprises their sensitive privacies, what does it mean when we click the “Agree” box at the bottom of that long statement that few people read? The value of data is unquestionably crucial for a company to have a more comprehensive strategy aiming the market and other uses. Therefore, I agree with your opinion that the all businesses should have an adequate protection of security of user’s data and make it clear to the user that what portion of their data will be used and what will be not.
    MS&E 238A


    Users who have LIKED this comment:

    • avatar
  2. Thank you for highlighting the importance of providing secure solutions to IoT space that today is highly fragmented and cluttered with a multitude of devices, platforms, and systems. Your post highlighted that a relatively small percentage of homes can generate a very high number of data points that makes our data even more vulnerable. This post led me to look around for what, if any, security protocols have been proposed for the IoT space. Some notable names in the networking/technology/telecom space and put forth their vision for how to secure the rapidly growing IoT space. For instance, Cisco has provided an approach outlined here – http://www.cisco.com/c/en/us/about/security-center/secure-iot-proposed-framework.html#4. It is encouraging to know that both private and public sector entities are working towards providing security protocols. As IoT is in the early stages we are wading through these complexities. Security is a consideration that must be addressed soon for IoT devices to reach their full potential. We may have 30 billion IoT devices by 2020, but how many will be wide open to security breaches? Thank you for your insightful post.


    Users who have LIKED this comment:

    • avatar

Comments are closed.