Why do I need security in the first place?
Your data is being used by many organisations and yet you have minimal control. Sometimes the data used will benefit you. Sometimes it will be for the benefit of others. The balance is starting to shift in our ever connected world where the gains of giving away your data are not as clear-cut as they used to be. Now we have more risks to worry about, more threats to manage, and yet even more benefits to be enjoyed if we did share our information.
Threats are out there…..
I can give you 5 good reasons why we need to worry about security. However, this list is not exhaustible.
- There are people and organisations out there that will exploit weakness to disrupt and exploit for their own selfish means. See this infographic from Information is Beautiful.
- The IT industry has a patchy experience in dealing with security. The industry just cannot resist shipping poor-quality products from a security perspective in the name of short-term profit.
- The ever-increasing use of personal data to provide services is focusing our attention on who has access to our data and what do they do with it.
- The ability to process large amounts of data from multiple data points relatively cheaply. Which then leads to positive outcomes for consumers to enjoy. Absolutely requires a handle on where information is sourced from and how it is then exploited. Otherwise, someone else will.
- Secure places flourish. Being secure gives makes you happier and richer.
What are the 5 Rules of Thumb
The 5 rules of thumb that KnowNow applies are as follows.
- If your ‘thing’ has to be really really really secure. Do not connect it to the internet! Simply speaking, if the risk of that data or thing being compromised is too great then do not connect it.
- Have a secure & privacy by design principle that covers both the physical and digital aspects of a solution, but also puts the user in control.
- Have a policy of sacrifice and containment of services that have been hacked or compromised. What we call the “lizard tail” principle.
- Machine to Machine preference. Keep users at arm’s length from direct access to data and allow access with multi token-based authentication.
- Open & TRUSTED. Be open and allow independent audits of your data assets. This will grow TRUST which will give that organisation the permission to offer its service.
We believe that if engineers and designers followed these simple rules of thumb that would mean data collected, stored, managed, and used by organisations will be at less risk of a hack and abuse. Which will in turn allow society to safely share and exchange information for both a collective and personal benefit.
Over the next few months, a number of events are being held. One (see below) is actually focused on IoT Security. From a KnowNow perspective, we will consistently apply our security principles and rules of thumb across all our designs.
KnowNow will also be announcing a new innovation in Winter 2015/16 that provides a user-centric security control service. This is compliant to our own principles, but will also go some way we believe in letting information be safely exploited. If we are all to benefit from smart cities and the Internet of Things, then we do need to change our approach, perspectives, and activities on the ground.
Conclusion
Therefore, if society is to benefit from developments in the IoT and Smart Cities domains it should embrace the rules of thumb I outline above. Where you have miscreants abusing this societal data then that same society needs to have the appropriate checks and balances to deter that type of behaviour. Not a rule of thumb but an enforcement of law.
Thanks for reading, Chris
For more details on this event. Check out the link below.
Trackbacks/Pingbacks