Securing the future of the Internet of Things

Groupe Speciale Mobile (GSMA), a group that represents the interests of mobile phone operators across the world, recently released new guidelines covering the Internet of Things (IoT). The group, which includes companies such as Telefonica, Orange, and Vodafone, has clearly emphasised the need for IoT to be secure and protect personal data. This is an excellent set of principles and a very sensible approach.

Standardising IoT

Global standards for IoT will become increasingly important as the role of connected devices increases in our everyday lives. In the space between the advent of this technology and its mass adoption, there is a great opportunity for manufacturers, tech companies, and suppliers to work together to standardise IoT and avoid ‘specification wars’, rapid obsolescence, security flaws, and ethical issues.

Standardisation is also crucial because of just how many devices IoT could be made up of. With the potential for any object to be made ‘smart’, there will be an unprecedented number of collectors and transmitters of personal data. The fact that these devices need to talk to each other also means that data could be shared and used by a huge number of different companies.

Despite the guidelines outlined by GSMA, there will still be a significant challenge in securing personal data and ensuring it is not misused, especially in an industry that is largely reliant on the commoditisation of the data these devices collect. The best approach is for the major players within IoT to set an ethical standard. Blackballing companies that don’t play by these rules will help to deter misuse. Transparency will also be key. Letting consumers know how their data will be collected and used will help to build trust.

Securing the IoT

It will also be crucial to ensure that the security of IoT devices is rigorous. The failure of one popular device to protect personal data from hackers risks undermining trust in the entire industry. That is why it was also welcome that more than 30 firms including Intel, BT, and Vodafone announced last year that they would band together to create an industry body to vet internet connected devices for security flaws.

However, GSMA’s call for homogeneous data protection legislation across the globe to further drive development and uptake of IoT, is, unfortunately, very much a pipe dream. The contentious nature of data protection laws means that a general consensus is highly unlikely and it will take a significant amount of time for different governments to come to an agreement. One only has to look at the ruckus created over the failure of the Safe Harbour data transfer agreement between the US and EU to realise that data protection standards are becoming increasingly fractured. Individual companies will need to be in the vanguard of setting data protection standards, they cannot wait for governments to legislate.

Avoiding format wars

Standardisation can also extend beyond security provisions. The format and network these devices use should also be similar where possible. Consider the recent history of new technological devices. There have been reoccurring format wars, such as Betamax and VHS, Minidisk and MP3, and in the past few years, HD DVD and Blu-ray. As with most wars, there were losers, casualties, and a lot of money wasted. There were the manufacturers and suppliers that threw their lot in on the wrong side. For some that was the end of the road, for others it precipitated a painful pivot. Those who won also had to incur plenty of needless costs in marketing and lobbying distributors. Let’s also not forget the annoyed consumer who forked out a lot of cash on devices and their favourite songs or movies in the right format only to find out they had to spend it all over again.

The future is promising

The work of GSMA and other groups to put in place structures and standards for IoT is very encouraging. We cannot wait for individual governments to create frameworks to make IoT safe. Cooperation between the businesses that operate in IoT will help the sector develop faster, save money, support innovation, and protect consumers. Although IoT is missing the ‘killer app’ that will make rapid adoption a reality, putting in the ground work on standardisation now will ensure that when IoT’s ‘iPhone moment’ comes along, the sector will be able to protect consumers.

Mike Weston, CEO at Profusion