Today, we live in a world where devices and equipment are increasingly connected, and this trend is only expected to continue. As per a Gartner estimate, by 2020 there will be 26 billion networked device units and the industry will be worth $300 billion.
The internet of things (IoT) concept is widely applied in fields ranging from government (smart cities) and homes to industries and health. Besides saving time and money, networked devices help automate, remotely control and monitor and generally improve quality of life of users.
The Promise and the Peril
As per a study on remote care, there was a 64 percent drop in hospital re-admission of patients who monitored their blood pressure, body weight and oxygen saturation online. This also helped cut unnecessary medical costs and nipped health issues in the bud before they got worse.
However, adaptation of this technology is not without its downsides. In the past few years, we’ve been introduced to loads of new technology including many Internet of Things enabled devices from toys such as Wi-Fi enabled Barbies to smart automobiles such as remote controllable General Motors vehicles and more. And they all had one thing in common – they were all hackable. During Dick Cheney’s time in office, his cardiologist disabled the Wi-Fi feature on the former vice president’s pacemaker, which if compromised could deliver a fatal shock to Cheney.
Once they’re remotely hacked, connected devices can be turned against their legitimate users. Also, the loads of data collected by IoT devices can be misused by hackers and the businesses that collect it. Flaws in design (for instance, transmission of unencrypted personal data over open networks), implementation or operation could mean financial loss, privacy intrusion and life threatening situations (E.g. cutting off brakes on a vehicle or increasing the dose of an insulin pump for diabetics).
Fixes to security risk and data manipulation
- Security by design: Though there is the ability to patch systems after they have been deployed, it would be better if bugs were fixed in the design process itself. Even an Federal Trade Commission (FTC) report recommends security by design as one of the three main categories of measures businesses must take to protect against privacy and security risks in connected devices – the other two being data minimization and notice and consent.
- Minimize data: The FTC suggests minimizing the amount of data that needs to be collected to protect it from being hacked
- Set up a notice and consent framework: Every time you click on an “accept” button, you have been notified and given consent. The FTC suggests doing the same for communication over networked devices as well.
- Set standards and best practices: Industry and government must seek to improve best practices or a set of security standards that apply to all IoT manufactures.
- Work with each other: Improve co-operation between industry, government, security testers and device manufacturers.
In conclusion, though there are many risks in using an internet of things device, as long as certain best practices are followed, the benefits of networked devices will far outweigh its disadvantages.