One area where the IoT industry has a lot of work to do is in data privacy and platform security. Assuming that the average person owns 20-40 connected devices from perhaps as many manufacturers, how will they interconnect, federate, and authenticate in a secure manner? How will sensitive data be encrypted, stored, and destroyed after its usefulness has expired? And by increasing the number of attack surfaces for hackers to exploit, are we facing a cyber-meltdown? As Pipeline has written in the past, it’s much easier to break into a home with 30 windows than only two.
Edith Ramirez, Commissioner of the Federal Trade Commission (FTC), spoke in depth about these issues during her keynote at CES 2015.
“Whether it’s a remote valet parking assistant, which allows drivers to get out of their cars and remotely guide their empty car to a parking spot; a new fashionable bracelet that allows consumers to check their texts and see reviews of nearby restaurants; or smart glucose meters, which make glucose readings accessible both to those afflicted with diabetes and their doctors, the IoT has the potential to transform our daily lives,” she said.
“Connected devices that provide increased convenience and improve health services are also collecting, transmitting, storing, and often sharing vast amounts of consumer data, some of it highly personal, thereby creating a number of privacy risks,” Ramirez continued.
Service providers can insert themselves in the IoT value chain by offering security and privacy platforms from which to launch IoT services. Specifically, these policies can be baked into IoT clouds operated by CSPs, like AT&T’s M2X and Deutsche Telekom’s M2M Platform. For service providers that might not have the deep pockets of an AT&T or DT, vendors such as Essence and Intel also offer secure IoT platform services. There are four basic guidelines for privacy and security in the IoT cloud:minimize the data collected;
destroy data that is not longer needed as soon as possible;
encrypt sensitive data; and
adopt transparent, easily understandable data sharing policies.
The challenge isn’t whether or not a smartwatch can connect to a home stereo to stream music, or if the smart thermostat will automatically warm up the house when your car is 10 miles from home. The challenge is in the interoperability of these devices, and the creation of a single security platform for the digital life.
No one know more about quality of service (QoS) and quality of experience (QoE) than CSPs, who have delivered real-time communication for eons and who have been tasked as the default support team for a myriad of over-the-top (OTT) services like NetFlix and Skype. Service providers hold the pipes and have the deepest QoS and QoE visibility, and can and should monetize this in the IoT market.
If new digital services in IoT are to catch on and become part of the fabric of modern society, they must be easy to use and convenient. Haim Amir, Ph.D., Chairman and CEO of Essence, agrees. “‘Simple,’ ‘easy to use,’ and ‘value’ are driving consumer interest and sales, which is why they’ve always been the focus of our solutions.”