Advances in technology have paved the way for an entirely new era of communication between people and machines. The Internet of Things (IoT) is the embodiment of this. What once felt like the stuff of science fiction is rapidly becoming the norm. It’s no longer difficult to imagine our smartphone talking to our kettle as we drive home, ensuring there’s hot water for a cup of coffee when we arrive, or our fridge automatically re-ordering supplies when running low. But with so many aspects of our lives now going online, how can we enjoy the benefits it brings without losing our security, or our privacy? Eve Maler, Vice President Innovation & Emerging Technology, ForgeRock, discusses some of the key issues surrounding the rise and rise of the IoT.
- How much is being invested in the IoT?
By one estimate, global investment in the IoT is expected to be 7.3 trillion dollars by 2017. Many companies are aggressively exploring new creative and collaborative IoT projects to gain a foothold in the market and make their businesses more competitive.
- How will this growth impact on privacy?
As companies use the IoT to provide personalised services, people reasonably fear their privacy may be compromised. The IoT faces unique challenges because organisations need to have access to users’ personal data in order to provide the services they are increasingly expecting.
At the same time, the privacy experience we’re used to when we use websites (i.e ticking a box that indicates we agree to share our personal data with a site) simply won’t do in the case of many IoT devices. Even if a device comes with a companion app that can be installed on your smartphone, if the experts are right about how many IoT devices we’ll have in our lives soon, we’ll need a better way to deal with privacy.
- How can the IoT continue thriving?
As more objects and appliances acquire the ability to “speak” to each other, businesses face the monumental task of ensuring they can give people control of their personal data. Consumers also want to control IoT data sharing with family, friends.
In order to succeed, IoT protocols must provide a cohesive approach to identity management that ensures the relationships between devices, people, and cloud services are properly built at the right moments; that they are based on fair privacy agreements; and equally importantly, that they are deleted when the relevant parties say so.
- How can this be effectively governed?
The Kantara Initiative is a non-profit professional organisation that sponsors several efforts, including the Identities of Things Discussion Group and the User-Managed Access (UMA) Work Group, to build solutions to these challenges. UMA is a new protocol designed to give users a unified point of control for authorising access to personal data and services, regardless of where those resources live online. For example, instead of making copies of a child’s healthcare records at the beginning of the school year and taking it into the school office where it will be “filed,” a parent could give the school access to the online record for one week at the start of the school year. Once the school confirms the child’s health status and vaccinations, access to the digital record can be revoked, eliminating the need to duplicate personal healthcare records and maintaining privacy.
- What can companies do to ensure they’re getting privacy right?
Using consistent, well-vetted open standards and platforms that ensure secure, user-consented connections is the most practical way to build in privacy.
Once consumers feel they have control over their information, we will truly see the full potential of all that this technology can offer.
[su_box title=”Eve Maler, Vice President Innovation & Emerging Technology, ForgeRock” style=”noise” box_color=”#336588″]
Eve Maler, is a vice president innovation & emerging technology, at ForgeRock. The ForgeRock mission is to transform the way organizations approach identity and access management, so they can deliver better customer experiences, strengthen customer relationships, and ultimately, drive greater value and revenue. We make it happen with the best commercial open source identity stack for securing anything, anywhere, on any device.[/su_box]
VP of Innovation & Emerging Technology
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.