Progress with IoT – But Security Concerns Still Dominate Public Opinion
The likelihood of The Internet of Things (IoT) becoming a reality, seems to be gathering pace and fast if public opinion is anything to go by. According to a recent global report “Internet of Things: Connected Home,” 1,800 20-50 year old tech savvy consumers across 11 countries (including US, Australia, China, Germany, India, and the UK) were polled. 61% thought IoT, in which seamless connections between appliances and electronics are connected to the internet could happen, was “extremely likely” to happen in next five years (with 84% conclusion in China).
The IoT market is expected to grow to US$7.1 trillion over the next six years. Is it all good news, well no. Not surprisingly, the greatest concern was the risk of sensitive data being exposed as a result of IoT.
70% of those surveyed said they were either “extremely concerned” or “somewhat concerned” about the risk of data breaches or personal information being compromised.
60% stated that “privacy is important to me and I do not trust how this type of data may be used”.
67% of those in the US advised that if personal data was accessed without their knowledge or consent, they would “feel violated and extremely angry to the point where (they) would take action”. The majority of those surveyed suggested that their government should regulate how data is collected and what vendors are allowed to do and not do with the collected data.
The risk of losing public trust by not having well through through security and governance protocols in place from the start is too great for governments and network administrators to ignore.
In the UK, the Government has invested a further £1.6m on wireless project HyperCat, a thin interoperability layer which allows devices using different communication platforms to exchange data. This is part of a £6.4 million package of public funding into IoT. The Government’s contribution to this non-profit making project provides a degree of independent assurance and secure interoperability. Whilst Qualcomm, Microsoft, Cisco, HTC and Symantec are behind a similar “AllSeen Alliance” and Apple creates its own proprietary IoT standard called “HomeKit”, in the UK, 40+ technology companies including ARM, BT and KPMG are investing £45 million in the hope that their synchronised wireless communication standards version will become the globally accepted international standard, published through the British Standards Institute (BSI).
With the spec for Hypercat due to be published in 2015, for organisations everywhere, the advice is to treat IoT with care and fully consider the value of any data gathered and the potential impact of any breach. As the volume of data in circulation increases and its storage and mining carries ever greater personal and commercial significance, the way in which business handles corporate responsibility and public may determine loyalty and their bottom line.
The good and evil of 3D printing
Since the development of 3D printing technology, there have been a myriad of different uses coming to market. Two have recently been brought into public focus this week – and they could not be more polar opposites.
The first (good use) is a 3D printed vertebra which has been successfully implanted in a 12 year-old boy with cancer in his spinal cord. The benefits of 3D printing the required part is that it could be specifically designed to match the child’s original vertebra. The design also includes small holes that let the natural bone grow inside. This makes the 3D printed vertebra a permanent part of the spine which will not need adjustment in the future as the child grows.
On the negative side, like the 3D printed gun before it, not all uses of 3D printing technology we are destined to see will be for the good. A new “bump key” has been invented using the technology. A combination of locksmith know-how and 3D printing equipment has resulted in locks you can open without having the original key. Happily, it is never as simple as it sounds. First a photo of the lock itself has to be taken to assist in the printing of the “bump key”. Then with the bump key in the lock it has to be hit with a special mallet at several points of the key turn. If done correctly, the mechanism will unlock without damage to the lock itself.
As 3D printing equipment costs fall, ever more uses for the printing technology will be discovered. It has the potential to be a disruptive technology and so markets, law enforcers and regulators will need to keep an eye on developments in order to safeguard or counter its good use.
Shocking jailbreak for prison data
The Ministry of Justice (MOJ) has been fined £180,000 by the Information Commissioner’s Office (ICO) for “serious failings” following the loss of a hard drive containing confidential details of 3,000 prisoners at Erlestoke Prison in Wiltshire in 2013. The data included information on organised crime, prisoners’ health and drug misuse, along with details about offenders’ victims and visitors. Central to the severity of the breach was the fact that the disk had not been encrypted.
When a similar incident took place back in 2011, this triggered the issue of new back-up drives across the Prison Service which could be encrypted. However, the upgraded process was flawed from the start, as The Prison Service failed to provide instructions to employees to activate the encryption option which had to be done manually.
The ICO’s Head of Enforcement, Stephen Eckersley did not mince words in his damning report: “The fact that a government department with security oversight for prisons can supply equipment to 75 prisons throughout England and Wales without properly understanding, let alone telling them how to use it, beggars belief”. The sensitive information for prisoners, the public and victims remained insecure for over a year. A spokeswoman for the MOJ advised that this had now been replaced with a secure centralised system.
The lesson for organisations to take from this shocker is simple, to have technology is one thing, to understand and implement the relevant security measures to safeguard the data is the fundamental partner in the equation for good gatekeeping and providing a safe pair of hands.
Questionable use of results from data collection of wearables
Wearables are out in the wild collecting metrics of user’s daily lives where users can see and track their own data. However, it can be tricky to visualise this without example of what the benefit of all this information has on a larger scale.
Jawbone, producers of some wearable fitness technology, published a report showing some live trends which arose following an earthquake this week in South Napa, San Francisco. People wearing the devices in the vicinity were monitored and the results recorded those who awoke when it struck at 3.20am local time and who got up (90%). This is against those who carried on sleeping, having been located further away from the quake’s epicentre.
This on its own is interesting, but not remarkable. However, Jawbone’s publication of its data findings from region to region, flags up the notable concern that how personal data is to be used can often be hidden in the small print of terms of conditions. Whilst data is frequently used anonymously, as wearables become more adopted – and especially when being infused with existing technology such as smart phones, this type of data collection will need to become a lot more transparent to prevent consumer backlash.