Are security and privacy holding IoT back?

August 28, 2017

Posted by: Avadhoot Patil

The IoT may have as great an impact on society as the industrial revolution, computers and the Internet have had. Maybe even more.

It’s all about “making better decisions faster.” The industrial revolution was based on innovation and creativity, individual freedom and organisation. Consider that the Hoover Dam, one of the wonders of the twentieth century, was designed with slide rulers, paper and pencils. Three decades later, we managed to get men on the moon using computers that had a fraction of the power of our smartphones, says Cees Links, general manager of the Qorvo Wireless Connectivity business unit.

The motivator of “making better decisions faster” drove computers into existence, and it is driving the IoT to the forefront, too. It will make our personal lives more comfortable, more safe and secure. We will waste less energy. The IoT will make the quality of our products better.

Factories will be more efficient with raw materials and other resources. We will be able to better monitor our environment, and our impact on it. The IoT is not a break from the past, it is a natural progression forward in making better decisions faster.

We have made much progress, but now the IoT seems to be crossing the “Valley of Disillusionment,” that quieter, post-hype phase where sobering reality starts kicking-in. Usually this is the period where the fads and the wild ideas separate from the strong and realistic groundswell of useful applications. It’s also a good time to ask some core questions.

Is the IoT secure?

Probably the simplest answer to this question is “no.” It is as secure as the Internet, which is to say, not entirely secure. It is as secure as driving a car or flying a plane, which is to say, not entirely secure. Consider thinking of IoT security risks in the same way that a window in your house is a security risk. If you want to make your house safer, you could start by eliminating all the windows.SecureHome

Maybe a better question is, “Are the security risks of IoT applications acceptable compared to the benefits provided at a reasonable cost?” Although this question clearly depends on the application and the perception of the user, this can generally be answered with a clear “yes”. However, we should not be complacent about this either: it makes sense to keep on making the IoT more secure.

What about IoT and privacy?

The question of IoT privacy follows the same trail as the IoT security. The IoT is as private as the Internet, which is to say, not entirely private. And again, it may be more useful to consider the trade off between the need for privacy versus the benefits of the Internet and IoT.

It is clear, that different people have different needs for privacy. There are people who safeguard their online information, and other people who “spill their guts” via social media and other applications. And then there are larger issues related to technology and privacy, like Google Maps driving by your house.

There is also the rather interesting ignorance about privacy when it comes to the growing number of devices that people have at home or carry with them. Devices like phones, tablets and TVs with cameras and microphones that can hear and see everyone in the room, unnoticeably. We even buy microphones to place in the living room or on the kitchen counter. (Hey, Alexa!) And we think that Alexa is not listening the rest of the time. Right?

So privacy is clearly a trade off between the benefit of the application versus the impact of giving up some level of privacy. The key thing here is making an informed decision about this trade off, but unfortunately, product makers are not always transparent on this issue.

Cees Links

Cees Links

This also means that privacy and privacy protection are becoming more legislative/enforcement issues than technology issues. Under what circumstances can information be collected, how and where will it be stored, and how will it be used? What are the penalties for infringement? What are the requirements for safeguarding collected private information, and what are the penalties for failing to do so?

While there is significant legislation in development, it needs to be understood that this development is taking place after the train has left the station.

The impact of the IoT

So where are we with the IoT? Even if we are currently crossing the Valley of Disillusionment, we should not be distracted. We still have a lot to learn: maybe less technology and more business and usage models on maximising the value-add, including how to deal with security and privacy, but we are in the middle of shaping a better world for the next generation.

The author of this blog is Cees Links, general manager of the Qorvo Wireless Connectivity business unit

Comment on this article below or via Twitter @IoTGN