One of the primary reasons for the slow growth and adoption of Internet of Things (IoT) among consumers has been security concerns. There have been several news stories that didn’t do much to help that. For example, hackers breaking into a baby monitor. As a result, the entire IoT space has borne the stigma of being insecure.
Fast forward to now and this is still the case to some extent. In spite of this, many new-gen IoT makers have upped their game with regard to security. This, along with emerging blockchain technology, could mean that the IoT industry emerges as one of the most secure.
IoT security measures have evolved and will continue to do so
The IoT industry has finally moved towards adopting Public Key Infrastructure (PKI) — a mechanism for distributing and naming public encryption keys. It enables people (and devices) to exchange data over the internet securely. With PKI, it’s easier to validate who is sending or receiving information and to ensure that their encryption passes muster.
PKI is already playing a major role in increasing IoT security. In fact, since 2015 PKI deployments have jumped by 23%. In addition to this, the same report cites that 49% of IoT firms are either or partially encrypting their data. They are also increasing their hiring of security specialists.
As new IoT devices come to market and existing ones evolve, both B2B and B2C consumers are voicing concerns about security. To allay these concerns and meet the demands for better security, manufacturers will continue to improve security measures.
Lawmakers are getting onboard with increased IoT security protections
Just a few weeks ago, California governor Jerry Brown signed the first IoT security legislation into law. It will go into effect in 2020 and will likely be followed by other regulatory initiatives to ensure IoT users are protected.
In brief, the law states that makers must implement reasonable security protections in IoT devices. These features must:
- Prevent unwanted modifications
- Stop unauthorized access
- Provide a unique password for each device, or force users to establish one before the device is activated
The last point will apply to devices that can be accessed from outside of a local area network. This will prevent a disturbingly common issue where hackers gain access to devices and the information they share by simply figuring out the default password.
Blockchain may play a key role in IoT security
IoT devices aren’t just sharing information across networks; they are also engaging in financial transactions. Imagine you own a smart home device that controls your HVAC and security systems. It isn’t working correctly and you contact the maker to take a look. They determine you need some security patches. Then, they sell you on a few new features. These are premium and you’ve got to pay a monthly subscription fee.
It’s not too out there to presume that in the near future, that subscription fee may be transacted directly via your IoT device, especially if you are buying pay-per-use features. The concern is how will these payments or even verifications of payments make it from one device to another?
Since so much of IoT communication is P2P, blockchain could be the best solution for these security concerns. Sheen Xin Hu, CEO of MXC Foundation, states that, “Blockchain won’t just contribute to more secure transactions between devices, it will enable easy payments for automated services across borders. In additional to this, blockchain creates new business opportunities for device owners to easily monetize the services provided by their devices.”
IoT customers are willing to pay more for better security
Security won’t just provide customers with more peace of mind; it could lead to more profitability for makers as well. In fact, only 7% of customers indicate that they would not pay more for increased IoT security. The remaining 93% are willing to pay price increases of 10% or more for better security features. Companies are also taking IoT security more seriously with more funds being pumped into research and education institutions offering dedicated courses like a Masters program in cybersecurity.
This could have a significant impact on the IoT security market. That’s a pretty big motivator for existing companies and IoT security startups to act.
IoT is growing and growing quickly. By acting to quell security concerns, IoT companies can attract customers, earn trust and increase profitability.