Keeping Data Secure in the Age of the Connected Device

It’s no secret that the Internet of Things (IoT) is on a trajectory of rapid growth. IDC recently reported that IoT technology and services revenue will expand to 7.3 trillion by 2017 and predicted that “the IoT solutions space will expand exponentially and will offer every business endless IoT-focused solutions.” The growth of the IoT and its commercial promise marks the internet’s true coming of age. The application of IoT across various industries will continue to proliferate as more and more companies recognize the efficiency it can bring to business process. 

Amidst all the hype, a great deal of additional exploration, trial, and error lies ahead before the Internet of Things reaches its full potential. However, in all the excitement surrounding the new possibilities that innovations in IoT create, there is one aspect that tends to be forgotten; the fact remains that we haven’t even mastered the security aspects of the original internet - and the growing Web-linked network of smart devices creates security and privacy concerns that are far more complex.

The real benefits of the Internet of Things lie in the data produced by all those connected devices. In this way, it represents a new episode in the big data story just as much as it signals the next phase of the internet. Underneath the shiny surface of the IoT, its challenges are similar to those we see with big data projects elsewhere. The challenges are not just of volume, but also of velocity and variety. Take smart meters, for example. Instead of sending an engineer every six months to take a reading, utilities can collect meter readings every 15 minutes. This increase in both volume of data and the speed at which it’s received is immense.

In addition to an amplified need to quickly process data, the new data generated by the Internet of Things significantly increases the security risks inherent in storing and managing data. Some of the most useful data will also have significant privacy and security implications. For instance, suppose the details of a household’s electricity consumption habits were to fall into the hands of a telemarketing firm? Or what would happen if data gathered from monitoring a patient’s blood sugar levels or blood pressure was sold to an insurance provider and used as leverage to increase the patient’s life insurance premium? There is also the risk of data hacking by individuals or even by governments. These examples may be a bit contrived, but the possibility is concerning. As more data is created from devices that are becoming intimately intertwined with peoples’ lives, compliance with existing and future data regulations becomes more and more critical.

In order for the IoT to become truly valuable, businesses need to ease consumers over the ‘big brother’ hurdle as they begin to rethink how much privacy they are prepared to surrender for the sake of convenience. Many services will be ‘free,’ in return for allowing the provider to use consumers’ data to produce aggregate analysis used to market their products in a more targeted fashion.

Data from connected devices needs to be used sensitively and intelligently. Backlash against the potential invasion of privacy is a concern for many organizations planning to draw value from this data. These businesses need a pragmatic but agile approach to dealing with the data created from web-connected devices that balances security with accessibility. This varies according to the nature of the information in each particular case. However, it is critical to establish robust data governance, sound data management habits and strong security processes and procedures that respect the privacy of this data.

Businesses should consider appointing a “data champion” who is responsible for instilling solid, secure data management habits. In addition to reducing data governance costs, standardised and secure data practices increase the speed and accuracy of analysis and help companies to better meet regulatory needs. Investment in governance including security will bring long-term returns and also avoid potential backlash and loss of customer trust that could result from secure data getting into the wrong hands.

Most early big data projects have been free of explicit project management structure -- but as the IoT continues to pick up momentum this must change. Businesses need to begin wrapping more standards and procedures around their projects to ensure their data integrity and security is airtight.

The choice of technology used is always critical. While legacy integration engines often have strong support for security, either they rely on proprietary configuration or the audit and notification methods only work with that vendor. Fast forward to today where newer systems, such as Hadoop, one of the key processing frameworks for big data, are rapidly becoming the data processing engine for many companies. The security features for Hadoop are community developed and based on common standards, which means the integration software needs to integrate with the Hadoop APIs (i.e. support for Kerberos), rather than rely on a vendor-specific console or tool.

While most vendors of connected devices will be focused on ways to analyze and monetize the data they are accumulating, the issues of privacy and security are paramount and cannot be ignored. While only a minority of applications will present real security threats, many will have implications for the privacy of their users. Using the right technology along with a formal, structured data governance and management policy will significantly minimize the risk of data leaks and security breaches and will go a long way towards reassuring customers.


Ciaran Dynes is Vice President of Products at Talend


« Social Media & Stereotypes: Do Arabs Hate Americans?


The Rise, Fall and Rise of the Macro Virus »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?