What Is The Issue?
For years we have been hearing that the Internet of Things (IoT) will take over every aspect of our lives. The main point of focus has been our homes which, by this time, were going to be completely automated, highly-responsive, servants for our every need.
Clearly, that is not the case and the reason for that failure is clear – security. In fact, the number one reason consumers shy away from smart appliances is security and, with the number of successful attacks only increasing, that fear is higher than ever before.
The Fix Starts In Production
To correct this issue, security has to be baked in from the jump – when these devices are being built. The proper security needs to lock down every component such that each smart piece of a smart appliance is under full control and does not transform into a new, terrifying, “weakest link”.
Then this security needs to be open and adaptable to future regulatory requirements, consumer needs, and appliance provider insights. What sells today and meets current government standards will most likely fail in 6 months or a year. Given the timeframes from when a device is manufactured to when it is sold, any intrinsic security has to be built for change.
The most obvious approach for this type of security is a policy-based system wherein the rules for how to manage smart appliances can be changed at any time. It is not sufficient for these policy-based systems to simply enable external control, these policies have to be treated as invaluable resources. This need translates into blockchain device registration, highly-secure transmissions of policies and other mechanisms that enforce the latest, and best, approaches to protecting these policies.
Services Provide Consumer Confidence
At the end of the day, however, it is not the highly-resilient nature of a given system that will provide consumer confidence. Instead, it will be the highly-visible proactive security services that consumers can observe. These service providers will need to find and overcome intrusions quickly, prove that they can protect consumers from new and innovative attacks and, only then, will consumers trust their lives to smart appliances.
Of course, in order to enable this level of service, any viable security solution has to sit outside of the protected systems. Security will need to change at any time – most likely modulating constantly – and those changes cannot impact normal appliance functioning. What is worst, being hacked or finding your laundry sitting in a locked down, nonfunctioning smart washing machine’s slop of filthy water?
This might sound like a lot but, from a business perspective, it is this type of transparent, policy-based proactive service-oriented security that will bridge the hope of a consumer IoT world into a profitable reality.