IoT, if we still dare to use this appellation for connected objects, introduced new ways to use data that we don’t know how to handle yet. Once again, the enthusiasm has taken upon the reflection that should have occurred ahead and everyone was equipped before even thinking about securing this new technology. When we all got crazy with connected wearables, who thought about where was going the number of calories burned or where was the rate of our heartbeat stocked? Who can exploit this data and how? After the first major breach of the connected car that got hacked, awareness arose and people seriously began to work on security issues.
The accessibility to sensitive data has critically increased, even more so that the nature of IoT products can be of any shapes. These new objects are suitable for professional uses, medical purposes, entertainment and are tools for the everyday life. In fact, they are considered “IoT” as long as they are devices connected to the network. To better illustrate the rapid growth; Verizon also estimates that 25.6 billion IoT devices will be in the world by 2018, considering that there were already 9.7 billion in 2014.
Impressive enough to scare professionals who started to study security aspects of IoT, but isn’t the focus to be put elsewhere?
Companies noticed that using new connected devices, such as wearables, increased the productivity of their employees and even their health. A win-win situation making developers design solutions to ease the workflow, while keeping employees happy. Thus, the application model was perfect for the immediacy required by connected objects, being undeniably useful while handling more and more data. As a matter of fact, this model allows a permanent exchange of data between the product itself and the network.
As this model is new and quickly expanding, vendors have experienced difficulties to adapt our traditional security solutions that are not efficient enough. Indeed, every single connected object is now a datacenter on its own, and should be treated as a potentially hostile environment. The manipulation of data is the main concern, as we have to make sure they are used for their original purpose. All the more, personal and professional information are sharing the same environment, regardless of its nature, increasing the risk of leakage. In a word, the vulnerability of this new model resides on the accessibility from the outside to all type of data that are manipulated from the inside. And all of these uncertainties led to a need for automated ways to detect attacks, filling the gaps of Apps’ security.
It is hard to predict the future of new technologies; for sure security questions will always be on companies’ agendas, as long as our private and professional data are worth hacking and selling. IoT is only at its early stage and we can expect great breaches in proportion with the rapid growth of it.