Yesterday, I ventured into windy DC and was blown away by the presence of the Internet of Things inside a city so full of history. The FTC held a workshop with discussions from technology leaders such as Google’s VP and Chief Internet Evangelist, Vint Cerf, who mentioned his original ideas of IOT during the early internet days were laughed at … to famous BlackHat pace-maker hacker, Jay Radcliffe. Although panels were at times heated with differences in opinions, all agreed on one idea.
Enter: colliding worlds. Cool technology, meet mobile security.
Jeff Hagins, Co-Founder and CTO of SmartThings, has over 130 connected devices in his home. Think of the Jetsons, remove the rockets, and it’s not too far from the truth. With a light-hearted complaint about the number of lightbulb apps, Jeff and other IOT evangelists were asked tough questions about security and privacy. This is where “cool” gets tricky.
In an ideal world, the Internet of Things can support and improve freedoms, make us safe and more as long as the sharing of our things and the related data is contextual and explicit.
To make it work, we need to think of security at the beginning and have it built into every aspect of design – not added on last minute in an effort to comply.
Sure, the data from your sleep sensor that knows you’re about to wake up and sends an alert to your coffee machine to start making your morning go juice isn’t interesting. But, the network this data is sent on is, whether it’s WiFi or Zigbee, also holds the keys to other network devices. Homes that utilize smart toilets need to be concerned about the security of even these devices, not necessarily because of the data on them but because they can act as an entry point to the rest of your network – the network that controls your baby monitor, garage door, and, oh yea, those ancient mobile phones and laptops.
In a step in making the IOT more secure, Verizon announced yesterday it is pursuing new security around digital certificates. With measures such as these, devices without proper certification credentials won’t be allowed to access sensitive networks. Because connected devices are created by a variety of manufacturers, it’s not an easy task to provide security to them – a step the Verizon platform is taking.
Also, web giant Amazon didn’t want to be left out in IOT news yesterday and announced for Kinesis the ability to capture and process live data. The IOT world creates a massive amount of data, and what is the purpose of collecting data without having it be safe and reportable? It’s like every science fair project I had in middle school: hypothesize, experiment, collect data, report, improve.
No one thought the Jetsons’ world would happen but our dryers already text us when a cycle is over. Although we aren’t running around with robots like in the PS4, an IOT world where our sensitive and highly contextual data is safe can happen. None of us work at Spaceley’s Sprockets but Google showed me a blind man driving to Taco Bell. What type of internet connected device needs to be more contextually aware than that? And, possibly, more secure?
If that’s not magical, I don’t know what is.