So, you’re prepared for the Zombie Apocalypse and need something new to worry about, like maybe security concerns about the Internet of Things.
Scenarios range from the mundane to horror movie extreme. Some are real. Most are hype.
IoT security has various meanings: data privacy, reliable connections, protection from attacks. And technology options add to the chatter.
While embedded software in simpler machines might be able to override or shut off wireless connection, there’s growing concern over products that act within a network of other products.
Take the smart home, for instance.
“You can think of some really bad things that could happen if someone takes over your ‘smart home’ says Will Lumpkins, chair of the IEEE Sensor Standards Committee.” But instead of looking at the worst-case scenario, he counters, consider current technical standards that raise, not lower, the bar for security.
“With AES 128 and encryption on WiFi, a benefit of “artificial intelligence” could be to increase the level of security and ensure that it stays secure,” Lumpkins says. “The AI has Trusted Protocol Mode to be sure it operates at a higher security level.”
Security is getting more attention now that consumers, not just companies, are more connected, says Paul Roberts, who tracks online security issues. The growing number of devices and wireless applications—thermostats, locks, lights—came to market in 2014-15, and networked fitness bands, video cameras and other devices raise concerns about personal safety when using apps to interact with strangers.
Mechanical light switches and door locks are reliable, Roberts says, however those newfangled electronic versions don’t have as solid a track record. And user habits, not the technology, are likely weak spots for security, as well as the tech itself.
And making connected products work insync without loopholes is yet another challenge.
“We’re used to Bluetooth not working all the time, if you’ve ever tried to pair things it’s finicky,” Roberts says.
People may not be as forgiving if they can’t get into their garage.
No computer is immune and completely safe, PTC CEO James Heppelmann told a LiveWorx audience last week. Software and hardware security has to keep pace with evolving technology. What has changed is that now manufacturers of items with sensors need to support those connected goods for its usable lifetime, he said.
“A lot of these edge devices don’t have the computing power to run anti-virus software – its an ongoing process where we keep improving our responses and defenses, and bad guys keep working on their attack methods,” he said.
That reality opens up opportunities for new businesses. Companies like Crittercism and EIQ are emerging to provide monitoring and threat detection. Reputation.com or LifeLock safeguard your private data, financial scores or medical records.
There is always a trade-off between functionality of networks and devices and the appropriate safeguards, says Peter Coddington, CEO of PaRaBaL Inc., which helps enterprises develop policies and strategies for deploying mobile data.
“You don’t want the security to be so ironclad that devices get harder to use, but when you’re dealing with a remote pacemaker adjustment or something that critical, users need to be sure they’re protected,” he says.
The Federal Trade Commission and U.S. Congress have put industry executives on notice that security is a major concern.
Observers say the signal was clear when FTC Chairwoman Edith Ramirez gave a speech at the annual Consumer Electronics Show on protecting consumers and families in the digital era.