14th May 2017 | Simon Trend, CIO
Secure IoT highlighted after attacks
As we settle into 2017, in the IoT world the issue of security is burning brightly as the industry gears up for an era of intense collaboration to address the challenges ahead. The recent global ransomware attack which temporarily paralysed corporates, public sector and enterprises is a factor in this renewed focus. As wake up calls go, the message rang loud and clear, highlighting the ease with which the hackers can exploit the vulnerability of IT systems. IoT has to remain in the focus too. Whilst bots have already hit the news infecting connected devices and assets, it won’t be too long before an IoT attack becomes world news.
Interestingly it has thrown a spotlight on where the responsibility lies when a device gets into the wrong hands and is turned into a bot programmed with malicious intent. To date, this largely unexplored area has seen only limited controls in place to protect against such activity but we’re on the cusp of change. I predict a greater onus will fall on the companies which are operating a large network of devices to take more responsibility. They could indeed find themselves liable for future botnet attacks in a similar way that they are accountable for rogue online activity from their employees at the moment.
Just as importantly, the episode reminds us that despite an inherent caution when sharing our personal data with other people, less care is taken with machines which can (quite literally) provide a false sense of security. Take the anonymous data transmitted through vehicle tracking. Information about a certain stretch of road may seem innocuous enough but the cumulative impact of this data over a period builds up patterns of behaviour that can be used to identify an individual, presenting a risk that is all too often overlooked.
This consumer apathy to machine security will soon be on the wane though as the industry is forced to rethink its approach to how anonymous data is processed and stored in response to a core challenge of our current landscape. The heightened risks that come with an explosion in network data and ever rising entry points has meant that a trusted environment has never been more critical for users. However, heavy- handed Fort Knox style security solutions are now at odds with hyper connectivity and the wide distribution needed to serve more imaginative applications in complex and unstructured environments.
It’s a development reflected in the world of Ecommerce where security solutions have transitioned from a hardened private network to a cloud-based approach and I expect this to become common place across many other areas sectors. In practical terms this calls for a mindset that is vigilant but realistic and a solution that achieves this delicate balance. Expectations that any kind of attack can be prevented from ever happening need to be replaced with an acceptance that ever-present threats must be managed on an ongoing basis with an increased focus on impact mitigation and constant systems evolution.
This demands agile and intuitive security management aided by the new breed of smart, standalone connectivity platforms which foster interoperability and are equipped to distinguish between normal and rogue network activity. Making this distinction becomes even more critical as devices, fuelled by cheaper access points are more likely to operate in a way that can appear suspicious but is in fact normal business. Indeed, the transformation of the connectivity platform from simply a means for app providers to access to devices to one that takes responsibility for key components of the applications themselves including security, fault tolerance and traffic management is just about complete.
Looking after the overall health of the network through our own SIM provisioning management platform, SIMPro, empowers users to remotely control a range of activities through their SIM-connected devices. Yet along with our industry peers, we’re aware that being able to cover the wide spectrum of existing use cases and the potential ones yet to be envisaged can not happen in isolation. It’s why a collaboration with third party tech app providers underpinned by an open architecture approach is signalling the next major trend in IoT connectivity platform development. Increasingly we will all become a sum of parts for the greater good to deliver an offering driven by the collective eco system rather than a single provider.
Teaming up with specialists providing complementary services from data compression and acceleration to artificial intelligence and machine learning technologies to interconnect with our platform securely facilitates integration and technical interplay between other platforms. Furthermore, it enables us to safely reach into new territories and benefit from the scope of our geographical spread and established relationships with network operators.
It’s an approach that represents fundamental change for an industry where the scope and scale of the market has previously seen network app providers and connectivity partners work in isolation rather than partnership, but one that we will all have to embrace if we are to fully prosper.
Simon Trend, CIO Wireless Logic Group heads up the group’s software development with a key focus on continuous evolvement of the SIMPro management & control SIM platform, maintaining its sector-leading reputation across multiple markets.
Find out more about how we keep IoT solutions secure or get in touch.