Why do I need security in the first place?
Your data is being used by many organisations and yet you have minimal control. Sometimes the data used will benefit you. Sometimes it will be for the benefit of others. The balance is starting to shift in our ever connected world where the gains of giving away your data are not as clear cut as they used to be. Now we have more risks to worry about, more threats to manage and yet even more benefit to be enjoyed if we did share our information.
Threats are out there…..
I can give you 5 good reasons why we need to worry about security. However, this list is not exhaustible.
- Their are people and organisations out there that will exploit weakness to disrupt and exploit for their own selfish means. See this infographic from Information is Beautiful.
- The IT industry has a patchy experience about dealing with security. The industry just cannot resist shipping poor quality product from a security perspective in the name of short term profit.
- The ever increasing use of personal data to provide services is focusing our attention on who has access to our data and what do they do with it.
- The ability to process large amounts of data from multiple data points relatively cheaply. Which then lead to positive outcomes for consumers to enjoy. Absolutely requires a handle on where information is sourced from and how it is then exploited. Otherwise, someone else will.
- Secure places flourish. Being secure gives makes you happier and richer.
What are the 5 Rules of Thumb
The 5 rules of thumb that KnowNow apply are as follows.
- If your ‘thing’ has to be really really really secure. Do not connect it to the internet! Simply speaking, if the risk of that data or thing being compromised is to great then do not connect it.
- Have a secure & privacy by design principle that covers both the physical and digital aspects of a solution, but also puts the user in control.
- Have a policy of sacrifice and containment of services that have been hacked or compromised. What we call the “lizard tail” principle.
- Machine to Machine preference. Keep users at arms length from direct access to data and allow access with multi token based authentication.
- Open & TRUSTED. Be open and allow independent audit of your data assets. This will grow TRUST which will give that organisation the permission to offer its service.
We believe that if engineers and designers followed these simple rules of thumb that would mean data collected, stored, managed and used by organisations will be be at less risk of a hack and abuse. Which will in turn allow society to safely share and exchange information for both a collective and personal benefit.
Over the next few months a number of events are being held. One (see below) is actually focused on IoT Security. From a KnowNow perspective, we will consistently apply our security principles and rules of thumb across all our designs.
KnowNow will also be announcing a new innovation in Winter 2015/16 that provides a user centric security control service. This is compliant to our own principles, but will also go some way we believe in letting information be safely exploited. For if we are all to benefit from smart cities and the internet of things, then we do need to change our approach, perspectives and activities on the ground.
Therefore, if society is to benefit from developments in the IoT and Smart Cities domains it should embrace the rules of thumb I outline above. Where you have miscreants abusing this societal data then that same society needs to have the appropriate checks and balances to deter that type of behaviour. Not a rule of thumb but an enforcement of law.
Thanks for reading, Chris
For more details on this event. Check out the link below.