My first ever rendezvous with the word “IoT” was during my final year at a college conference, when a prominent regional start-up figure dispensed an oblique reference to it. I learned that IoT was the next big thing veering towards the mass market, which would eventually change the course of everyday human existence by making our way of life more convenient. What caught my attention was the term “things” in IoT – an unbounded category which could be anything from the the bed you sleep on, the clothes you drape, or even the personal toiletries you use.
The Internet of Things (IoT) is a class of devices that “can monitor their environment, report their status, receive instructions, and even take action based on the information they receive.” IoT connotes not just the device but also the complex network connected to the device. Multiple studies have revealed that there are more connected devices than people on the planet. Although, combining computers and networks to devices has existed for long, they were previously not integrated to consumer devices and durable goods, used in ordinary day to day life. Furthermore, IoT being an evolving concept, exhibiting a range of ever-changing features, its definition as well is not static.
Personally, I am extremely distrustful when it comes to using IoT devices. My apprehension is not unfounded and reflects a common concern. “The State of IoT Security” report by cybersecurity firm Gemalto found that 90% of consumers are equally worried about the security aspect of IoT. Another interesting revelation is that 54% of consumers surveyed own on average four IoT devices, but only 14% have knowledge concerning the security. Even in the case of my country, India, a study by Accenture revealed that 70% of the respondents cited security as the major concern deterring the use of IoT.
Such pervasive concern arises because IoT devices available in the market today have low privacy and security features and are thus, insecure by design. There exist multiple entities in the supply chain and often each entity assumes that the other is responsible for ensuring security. This necessitates the need for incorporation of security and privacy by design at the manufacturing stage.
These devices collect data routinely for their functionality and mostly with the consent of users. However, although the data derived from the device owner benefits the individual user, they also benefit the manufacturer, leaving a huge scope for probable breach of data. Moreover, with the aid of IoT, as we collectively transition from real spaces to virtual spaces, consequently exposing ourselves to increased risks. This increases the overall vulnerability of users, often invading their privacy, which is vital for living a harmonious life. The sense of being able to enjoy one’s private space without any surveillance is a basic human right every individual should be able exercise. A safe Internet then, would be a space where individuals can freely navigate through the network-operated devices without worrying about their privacy. IoT’s requirement to address this concern for individual privacy needs to be sufficiently prioritized.
The digital future ahead is ridden with uncertainties – even the current mounting concern on privacy could not have been foreseen when the Internet was in its infancy. As the Internet relentlessly continues to evolve, we as users need to constantly familiarize ourselves to the ensuing forms of risk and proactively engage with these issues, as it is ultimately we who have to face the music. Thus, the onus for making IoT devices secure and safe for use is a collective responsibility, to be addressed in a multistakeholder fashion. The road to #SecureIt can only be taken when everyone engages with the issue in a collaborative fashion.
Learn more about IoT and what you can do to help #SecureIt.