IoT security: How device manufacturers and security providers need to gain user trust
The conversations around security and the Internet of Things (IoT) will not go away any time soon - but if the fears are put off for much longer, it could be too late. A report issued last month by Telefonica argued this very case; the cyber security industry lags behind the proliferation of IoT devices, and the effects are potentially catastrophic.
So what needs to be done in the meantime? Axel Hansmann, VP portfolio and strategy for Gemalto’s M2M business, argues device manufacturers and the security industry need to work together, and that consumers need to be able to put their trust in devices.
“For the companies supplying these devices, security must be at the forefront of their design process and they must ensure it is intertwined at every point along the supply chain”, Hansmann tells IoT Tech. “This means not only securing the data on the device itself, but through the journey of networks towards the data centre and even beyond.
“Once users are able to fully trust that their connected devices are secure and their privacy is guaranteed, we’ll then see IoT really reach its full potential,” he adds.
The move towards greater trust is a process which has already begun, if the millennial workforce is anything to go by. Some argue the latest generation are far more open with their data, while other studies – Bitglass found 57% of end users polled do not participate in a BYOD scheme because of data fears – disagree with it. Hansmann argues millennials are more used to sharing data as being ‘part and parcel of pretty much most things’, but adds: “With the creation of IoT and its integration into our daily lives, the data collected becomes more complex and can paint a far detailed picture of our day-to-day activities.
“The smart meter is a great example where data is collected for a utility company that can help paint the picture of a consumer’s energy usage and activity, [but] data of this type in the wrong hands could leave users extremely vulnerable,” he adds. “Encrypting this type of data is vital to ensure users’ privacy is protected, and only those that have the authentication to access the data can do so.”
On the security side, Hansmann insists protecting the device, or the data isn’t enough. “In order for business to secure their products, they must think about protecting everything, including their software to ensure their IP can’t be tampered with, and encrypting the data to ensure nothing can be taken even if a breach occurs,” he explains. Hansmann advocates a ‘hub’ system which functions as a ‘knowledge base’ for all the devices on the network; different levels of security, from infrastructure and software embedded within each device, would prevent hacking on one side and collect usage data on the other.
Yet when asked for the biggest challenge facing the industry in 2016, Hansmann replies: “Trust. Without consumer trust, IoT will not reach the levels we expect it to.
“The industry has an education and development job on its hands to convince the world that their data is secure when using these devices. If they can do this, we can expect to see a great number of opportunities IoT will bring, including reducing operating costs for businesses and energy savings for consumers,” he adds.
Interested in hearing industry leaders discuss subjects like this and sharing their IoT use-cases? Attend the IoT Tech Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.
- » Japan approves bill to accelerate drone and 5G developments
- » Amazon’s Ring causes further concerns over third-party data-sharing
- » Securing IoT applications for the next era of industry: An important challenge – and opportunity
- » At the front of the grid: How Formula 1 leads sporting franchises in data and analytics
- » Seven in 10 companies know of hacks against their IoT devices, research finds