The Internet of Things (IoT) is beyond inevitable – it’s arrived. From here, it’s only going to accelerate, impacting hugely on both personal and business lives.
For an idea of how the landscape might develop, just consider the expansion of cloud computing markets over the past decade or so. Like the IoT, cloud computing has been fuelled by the increasing reach and consumerisation of the internet.
It has engendered huge opportunities for businesses, enabling them to create, transmit and store information in new ways. Consequently, specialist cloud computing companies have sprung up in all directions.
The innovative, agile ones have survived, and in many cases thrived. The slower ones, those that attempted to do too much (or too little) have not.
More specifically, the expansion of cloud computing has gone hand-in-hand with an increasing focus on the security of the data in question. Who owns what information and who can share it? Who might be able to see it without permission, and how can it be protected?
Commentators have rightly started considering the complex issues of data ownership and sharing raised by the IoT, if more from individual, end-user or consumer points of view. But the question of malicious data access and theft also needs serious attention.
‘A data breach won’t happen to me’ was once a valid approach from businesses from a statistical point of view, if not necessarily an ethical or good business practice one. But times have undoubtedly changed. High-profile corporate data breaches hit the headlines regularly, caused either because the company has been the malicious target of criminals, or because of human error.
Such breaches have affected not just businesses as a whole, but also millions of individual users, whose usernames, passwords and contact details have been compromised and even posted online. Data security, then, is both an internal and an external issue – it matters hugely to both the organisation and its end users.
Where the IoT makes data security even more complicated is in the transmission of data across the millions of connections between different devices. While those devices are clearly potential weak points themselves – it’s easy to guess that an internet-connected fridge, to borrow one of the most frequently used device examples, might not enter the market with the highest available standards of data security – the vast number of communication links, not to mention the storage infrastructure necessary to support the IoT, presents a data security challenge on a scale never before seen.
Many telecommunications firms could have a powerfully competitive edge in the IoT marketplace if they were to adequately solve this data security issue, but too many are still relying on out-of-date add-ons, or worse, skirting the issue altogether.
In the IoT landscape, with millions of connected devices and still more millions of connections between devices, the critical data security approach is to secure information at the source, where it is first generated, rather than in the IoT transport mechanism. This ensures that data is safe both in storage and in transit.
With this in mind, at Device Authority we have developed a Data Encryption Security Platform, which works across any device and any existing platform, providing a complete data protection, privacy and encryption solution. It ensures that data is protected from the point of creation, and gives our IoT and M2M partners and their respective markets and customers absolute peace of mind in the dynamic new IoT landscape.
I’m hugely excited to be part of the Device Authority team, leading our company into this hugely innovative marketplace. Building a global software company and solving this insidious data security issue is one of the major technology challenges of our time.
Operationalizing Trust for IoT “If digital transformation is the rocket ship, trust has to be the fuel for that rocket ship” Zulfikar Ramzan, CTO, RSA Security.
We are in the GDPR home straight with the finish line in sight. However, that thing we see is not the finish line but the deadline. We are now only weeks away from the inception of the new GDPR regulation, that fundamentally changes the way organizations manage, process and protect personal information. Are organizations ready to manage consent, reporting of a data breach, subject access requests etc., etc.? Do organizations understand how exposed their business and brand could be?
