CloudComputing

Internet of Things Security Gets Personal

CloudComputing

Every new advancement in technology brings security challenges. When the Internet became popular, many people had serious concerns about exposing the enterprise to the outside world. For companies to adopt Internet technologies, they had to accept a tradeoff: taking on new vulnerabilities in return for game-changing business value creation. With the emergence of cloud computing, history is repeating itself. It no longer is feasible to resist the movement to the cloud because of security fears. There must be some acceptance of risk and an effort to minimize that risk with sound architecture, good process, and continuous monitoring. The business value of cloud is too great for businesses to sit on the sidelines.

IoTWe have seen a large number of security breaches recently. There have been a number of issues with point-of-sale systems being breached, websites being penetrated, and healthcare data being stolen and sold on the black market. In such cases, our credit card data, health information, and passwords are exposed. The damage can include fraud, identity theft, invasion of privacy, and so on. Some of my personal data has almost certainly wound up in the wrong hands, but that will not prevent me, as a user of the Internet and cloud, from using these technologies. I may proceed with caution, but in no way will I stop using these technologies. I can always change passwords, get new credit card numbers, and cancel accounts. In these instances, the “bad guys” have access to an account number that I can shut off.

The Internet of Things (IoT) changes the paradigm. We find ourselves at the “security vs. business value” crossroads once again. Only this time, the tradeoffs are much more personal. Now, we are exposing to the outside world things we own and things we rely on to function properly. With a connected home, our home security system, lights, garage door, thermostat, appliances, and much more potentially could be hacked and controlled by outsiders. Connected cars expose us to a number of risks we’ve never had to consider before. Newer cars like the Telsa are software on wheels. It is scary to imagine what could happen if someone unauthorized were to take control of that software. In the AgTech space, large machinery—such as farming tractors and mining machinery—is highly dependent on Internet connectivity. If these machines are breached and made inoperable, businesses can grind to a halt. The days when a farmer gets out a toolbox to fix the tractor may be a thing of the past. Today’s machinery depends on complex computer systems. Smart cities are another example. Many cities are investing heavily in IoT to automate decision-making to increase efficiency, reduce traffic, improve the environment, and improve law enforcement. The tradeoff is that everything we do is now being tracked or monitored.

The point I am making here is that with every new technology, adoption takes time because of this tradeoff between security/privacy and business value. As the technologies mature, mitigating solutions emerge that reduce those risks. At some point, the scale tips to the point at which business value far exceeds the risks for most people, and consumers and business planners accept the tradeoffs. With Internet of Things security, the risks are much more personal and harder to overcome. The business value in the industrial segments comes from process optimization, improved service capabilities, and operational efficiencies. In many cases, the ROI is in the millions. For the industrial IoT (IIoT), I expect that broad adoption will proceed rapidly. For use cases that directly impact our personal lives, like connected homes, connected cars, and healthcare, I expect a much slower adoption rate. Breaches in these areas are personal, and they can be much more catastrophic than someone’s getting our credit card information or passwords.

Summary

As it does with every new technology, adoption will become widespread as new security architectures and solutions emerge. Certain use cases will involve risks that some people and companies may find too high: the risk vs. reward tradeoffs may tip too heavily toward risk, even if the business value is great. This space will be an interesting one to watch over the next several years. It all might sound farfetched and Orwellian, but it is real, and it is coming to a connected device near you soon.

Stay safe.

Share this Article:

The following two tabs change content below.
Mike Kavis
Mike is a VP/Principal Architect for Cloud Technology Partners. Mike has served in numerous technical roles such as CTO, Chief Architect, and VP positions with over 25 years of experience in software development and architecture. A pioneer in cloud computing, Mike led a team that built the world's first high speed transaction network in Amazon's public cloud and won the 2010 AWS Global Startup Challenge. An expert in cloud security, Mike is currently writing a book for Wiley Publishing called "Architecting the Cloud: Design Decisions for Cloud Computing Service Models (IaaS, PaaS, SaaS)" which is expected to be released in late 2013.
Mike Kavis

Latest posts by Mike Kavis (see all)

Related Posts:

Leave a Reply

Be the First to Comment!

wpDiscuz