Advertisement

Blog

Data Security, Trust & Privacy Get MWC Nod

Walk the cavernous halls of this year’s Mobile World Conference and all sorts of sexy devices catch your eye. Sure, there are new, glitzy smartphones, lots of them, like every year. But there are also all these Internet of Things waiting to be noticed–a flying taxi, drones, all sorts of augmented reality demonstrations, eye blink detection capabilities, futuristic-looking self-driving cars, smart city integration models and big-data-converted-into-something-useful displays, to name a few.

Photo courtesy: MWC

Photo courtesy: MWC

 

There’s plenty excitement, too, about the dawn of 5G networks, which are expected to start showing up around the world in the next year or two. 5G is the “thing” that will help all these other “things” better communicate with – and learn from – each other. Listen to conversations in hallways and speeches at company booths with flashing lights and big screens, and it seems the entire mobile community is strapping itself in for the wild ride of IoT hardware and software possibilities coming with 5G rollouts.

The Internet of Things hype, however, fizzles out a bit when you enter the auditoriums at the far end of Hall 4, the middle of the giant conference venue that hosts some 108,000 mobile enthusiasts for four days every year. Executives, analysts and industry leaders gather in these low-lit rooms to share their concerns about real-life dilemmas shadowing the fourth industrial revolution, the unstoppable digital revolution that will further blur the lines between human and machine interactions.

Photo courtesy: Jennifer Baljko

Photo courtesy: Jennifer Baljko

It’s here where people talk about the challenging parts of IoT people generally don’t like talking about, like securing devices and data, building trust in the entire mobile ecosystem and protecting end-user privacy. This is where we get a reality check on how much work still has to be done before IoT’s promise reaches widespread fruition, and where IoT’s kinks will impact the supply chain from chip development to end-user app use.

Much to be desired

Sometimes, someone says something that puts perspective around where the IoT hype collides with the reality of what’s really happening on the ground. Jaya Baloo, chief information security officer at KPN Telecom, is one such person. She summed up what many companies charged with integrating IoT devices and data must feel.

“For me, it’s a scenario that begins with trepidation. Innovators call security departments the destroyer of dreams. Here it really starts with actually examining what is the security of the things we are trying to protect and who are we trying to protect them from,” Baloo said, citing her customer-facing involvement in IoT deployments, both in terms of being a user of hardware and software platforms and a vendor selling services to consumers.

“If you take a look at where we have failed, we have failed pretty much on every single level. Start with the actual network and access layer. We know we don’t do that well. Then look at the applications we are building en masse. If you look at the problems we’re encountering, we still see weak passwords in the actual devices, we still see no actual safe update mechanisms, we still we weak, inefficient cryptography being used and we see open protocols that are not thought all the way through,” she said during the MWC session titled IoT Security & the Blockchain. “Even though the standards are there, our implementation of them sucks. There’s no nicer way to put it. There are a lot of devils in the details when we look at execution.”

Baloo said it’s during the functional execution where things happen that were not expected to happen. Features are being designed into devices and software that have produced unintentional consequences related to security, privacy and data-sharing of sensitive information, she said. She pointed to the buzz the Strava heat map generated a couple months ago.

In January, the Washington Post and US Today, along with other media outlets, reported that the interactive map GPS tracking company Strava posted online not only showed where people using devices like Fitbit, which monitors and collects work out and heart rate activity, exercised the the last two years; journalists and international security researchers discovered that the map lit up device usage in remote areas, which, turned out to reveal the location of Fitbit-wearing U.S. soldiers and the locations of known and then-secret U.S. military bases.

Image courtesy: Strava

Image courtesy: Strava

In this case, a feature allowing users to share their workout information was an intentional design attribution. However, the widespread availability of the feature and end-user lack of understanding about how to use or change built-in features caused security and privacy issues.

“This is what I find scary. We think we are building in security and then we have issues like this,” she said, adding that it’s not as easy as people may think to fix security gaps with scheduled update patches. “My worry is that when we look at the security of IoT devices that it’s not just a simple measure of ‘Let’s take this out there, integrate everything together, use the best standards out there and hope we are okay.’ The majority of the people out there buying and integrating this stuff don’t know enough to look for these underlying bugs.”

Baloo’s worries were echoed by Erin Linch, vice president of corporate development and strategy at technology and business services provider Syniverse. 

The amount of data moving now through the Internet – think about 24,000 gigabytes of data being processed, 62,000 Google searches and 2.6 million emails sent within one second – and the exponential amount of data that will move through the Internet as more devices come online bring security concerns even higher on the watch list. Linch, who foresees potential security breaches in big systems running transportation and high-speed train networks, airlines, industrial operations and hospitals, questions if the public Internet is ready for the coming of the IoT age.

Image courtesy: Pixabay

Image courtesy: Pixabay

“The internet today has provided a foundation for driving innovations, services and change. It has been the foundation for building our digital future. It underpins millions of personal and mission-critical transactions every day. It also creates more opportunity for risk,” Linch said. “The internet seems like a safe portal, but in fact it is a dangerous, vulnerable place. Today’s Internet was not designed for the current and future volumes of transactions requiring a high security. It represents a growing potential for systemic risk in the system and catastrophic risk for companies. 

Let’s talk solutions

All hope, however, is not lost. Companies further upstream in the supply chain, those making the bits and pieces bridging together the IoT ecosystem, are already talking about and taking steps to design layers of security into their products. And, the focus isn’t only on fixing the software and malware or linking computers and machines to blockchain technology to manage databases recording transactions. The hardware is also getting a checkup.

ARM’s vice president and general manager of IoT Device IP Paul Williamson, for instance, played up the company’s Platform Security Architecture (PSA) as a way to understand and analyze threats and develop hardware and firmware architecture specifications. 

“Our mission is to secure these devices to enable these different IoT business opportunities,” Williamson said. “We want to get to a world that by 2035 a trillion devices are securely connected and able to deliver new business innovation.”

“For businesses to succeed, to transform into these potential areas and be able to use the data within their own businesses, they need to be able to trust that data and the infrastructure that is underneath that,” he added. “We believe that security can’t be optional. It must be built from the ground up if we are going to deliver successful IoT to the world.”

Imagine a few years from now when these ground-up layers of security issues are fixed and the Internet of Things is remembered as the quaint phrase we used to explain a wide-scale technology shift. Maybe someday soon you’ll be flying in taxi to visit your suppliers’ manufacturing plant, your eyes will blink an order confirmation on your mobile phone and drones will speed deliveries off to your customers.

9 comments on “Data Security, Trust & Privacy Get MWC Nod

  1. robertflynn
    March 6, 2018

    Smartphones have made a great impact on the whole world. Today, we can know what happens at the other end of the globe by sitting inside our room with a smartphone on hand. There are much benefits of it because it acts as a mini laptop. We can access any data from anywhere. The technology has been developed to a far extent so far and it is beyond the expectations of people.

  2. AntivirusSupport
    March 22, 2018

    Samsung S9 is the new sensation in the market as the new features made the market excited like Camera reborn and many more like this.Samsung A.I Bixby is also new tech in the market.use antivirus like Windows Defender Support to secure your precious device.

  3. jeniferconnorsmk
    September 19, 2018

    Although attacks against cryptocurrency holders and exchange platforms have been on the rise since 2017, X-Force expects to see an escalation in attack diversity and scale in 2018

    myassignmenthelp review

     

  4. jeniferconnorsmk
    September 19, 2018

    The mobile malware arena already strives to emulate the success of PC banking Trojans and facilitate cross-channel fraud and identity theft.   Myassignmenthelp com Reviews

  5. amanda07
    September 26, 2018

    Much like the case of the TrickBot Trojan, which relies on its existing capabilities to use serverside webinjections in attacks against cryptocurrency holders, mobile malware leverages the overlay screen to do the same. I found the information on best essay writing service reviews blogs and its really interesting to read..

  6. amanda07
    September 26, 2018

    Great and informative article jennifer…Cloud computing is an emerging paradigm for large scale infrastructures. It has the advantage of reducing cost by sharing computing and storage resources, combined with an on-demand provisioning mechanism relying on a pay-per-use business model. These new features have a direct impact on the budgeting of IT budgeting but also affect traditional security, trust and privacy mechanisms.

    assignment help Australia

  7. AvaHill
    April 3, 2019

    After the most recent update for my Galaxy 8, I can no longer assign different text message notification sounds to individuals in my contact list. Thats why a like this android. If you have any questtions write here  short-answer-questions-help.

  8. katebrouwn
    April 17, 2019

    As an experienced professional, you certainly know how much of your career success depends on resume writing. The most successful workers definitely know how to write resume avoiding cliches and follow up e-mail after. Still, most employees do not even know where to start. More details on our web

  9. samantawoods
    July 17, 2019

    Hello there! Guys I want to share with you quite important information, which will be useful for everyone and especially for some guys who now are in the search of work because it is quite important for such people to write a good resume, and now they can easily cope with that task just only using the help of resume makeover service

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.