The Missing Security Layer of IoT

by David Freidenberg, CEO, POMM Inc.

What is IoT?

As Broadband Internet is becoming globally available and the cost of connecting is decreasing, more and more devices are manufactured with included Wi-Fi capabilities. This is the perfect platform for the forecasted meteoric rise of the phenomena called “Internet of Things” or in short IoT.

IoT means connecting all devices that have an ON/OFF switch to the Internet as well as network them to each other: cellphones, electric home appliances from coffee makers, washing machines, to headphones, lamps, wearable devices, health appliances as heart pacers, cars, and almost anything else you can think of.  It could also include components of machines, such as jet engine of an airplane or the drill of an oil rig. Gartner says that by 2020 there will be over 26 billion connected devices and some even estimate it to reach over 100 billion devices!! So we are talking about a giant network of Internet-connected machines that connect people with people, people with “things”, and “things” with “things”.

So where’s the problem?

Assuming that “anything that can be connected will be connected” we can see many examples where this connectedness is beneficial. For example, you are on your way to a meeting; your car has access to your calendar and it chooses the best route to take. If traffic is heavy, the car texts to notify you are late. Another example: your alarm clock wakes you up and also operates the coffee maker to start brewing your morning cup. All this is on the personal level. On a broader scale, IoT can be applied, for example, to transportation networks in what is called “smart cities” to reduce waste and improve efficiency in traffic loads and energy usage.

However, the endless opportunities come with a price. With billions of devices connected together, what can people do to make sure that their information stays secure as well as private? If someone can hack into your toaster, and then get access to your entire network – this is a serious security breach. If someone can take control over your electronic heart pacer or your connected car and demand ransomware – would you not pay any amount to save your life?

As this holds true for private people, it is also applicable to companies all over the world. Even today issues of privacy, data sharing and security are a challenge to IT departments, but what we have today is only a pale introduction to the complexities organizations will face with the spread of IoT, when we are talking about many billions of devices being connected. Many companies will have to face the massive amounts of data that all of these devices are going to produce and share and they will have to figure out a way to store, track, analyze and make sense of the vast amounts of data that will be generated.

Who should be responsible for data security and privacy?

Even today as IoT is just starting to develop, research has shown that IoT device manufacturers and service providers are failing to implement common security measures in their products, like properly encrypting communications.

This paves the way for hackers to exploit these new devices to conduct data breaches on private as well as corporate or government levels to include espionage, ransomware, exposure of personal or company-secret data and even damage critical infrastructure like electrical grids. Different types of hackers could exploit IoT devices for financial gain, media attention, or to further a geopolitical cause.

Research firms forecast that investment in securing IoT devices will increase five-fold over the next five years as adoption of these devices picks up. However, in contrast to corporates that have budgets and staff in place to tackle security issues, even if not 100% successfully, what about consumers?

Let’s take connected car market as an example. A recent survey reveals that 62% of U.S. consumers think connected cars will be hacked, yet 42% said they want cars to be more connected. That number swelled to 60% among millennials. Furthermore, consumers said they actually expect the automakers to take care of this problem for them. 56% said they feel the vehicle manufacturer should offer software that keeps the car secure. This is a major problem because automakers will have a very hard time meeting this expectation because they have little experience in securing their products against hackers, especially compared to tech companies and banks. This was shown last summer when security researchers took control of the steering and transmission of a Jeep Cherokee traveling 70 miles per hour on the highway.

POMM solution – a secluded vault for managing, storing and exchanging data

We are just starting to face the grave consequences and risks of losing privacy and security in the digital world. As more and more security and privacy breaches are published on a daily basis, for individuals, corporates and countries, we will see a tremendous need for privacy and security solutions for digital users. POMM™ patented solution is offering a secured hardware vault, sealed from the Internet, biometrically and physiologically protected. It is integrated in the smartphone protective case and can store, manage and exchange encrypted data.

Research firms forecast the growth of this market that offers solutions for the problems described above as the scale and severity of the missing security layer of IoT is revealed.