NUMBER ONE: In response to the growth of connected devices, Gartner projects the average security budget for IT (Information Technology), OT (Operational Technology), and IoT (Internet of Things) requirements will rise from less than one percent in 2015 to 20 percent in 2020. (Source: Gartner Newsroom)
NUMBER TWO: RnRMarketResearch places the price tag on IoT security going from USD $7.90 billion in 2016 to $36.95 billion by 2021, a Compound Annual Growth Rate (CAGR) of 36.1%. (Source: EETimes)
Those are some pretty big numbers. But in fact they are only just that—numbers. What really matters for consumer brands? When it comes to security the job of a consumer brand is to prevent being hacked and to stay out of the news.
At Arrayent, we counsel consumer brands who are embarking on a product strategy using our IoT platform to fully appreciate the complexity of the business and technical decisions that lay ahead of them. These span everything from security, to user experience, product features, interface design, localization, scalability, OTA firmware updates, and did I mention…security?
SECURITY CAN’T BE AN AFTERTHOUGHT
Security has to be baked into IoT strategy from the very beginning – in planning, management, oversight, and accountability. As with any business endeavor, it should start with a business risk management assessment.
But not every IoT device is equal. Depending on the nature of the product or application and its architecture, the security and privacy requirements will need to be balanced based on the actual threat. A healthcare app is obviously of more concern than a kitchen appliance in terms of personal data gathered.
SECURITY IS BETTER IN THE CLOUD
Do the ‘smarts’ of a product reside on the device, or in the cloud? And just how safe IS the cloud? While clouds are not impossible to hack, we believe they can be fundamentally more secure with cloud-based resources being harder to exploit than consumer-managed devices on the ground.
The Arrayent IoT platform has provided a secure end-to-end solution for our consumer brand customers to develop, deliver, and support connected devices that can be remotely managed from anywhere in the world. Our platform is like a secure IoT operating system that hosts cloud-based virtual devices which serve as digital copies of physical devices that are managed remotely through mobile apps.
MANAGED BY PROFESSIONALS
When you think about it, the world’s critical infrastructures – banking systems, stock exchanges, defense departments – are all run in the cloud managed by professionals. When consumer brands consider the requirements to professionally manage an IoT product implementation that runs 24/7/365, they think about whether their organization is ready to take on that level of support. Many aren’t ready, and that’s why they come to, and stick with, Arrayent.
Many consumer product companies – particularly those operating outside of the technology industry – have internal skillset gaps in areas like security, big data and network infrastructure. That’s very understandable considering those areas have not necessarily been part of a core focus for their business until now. Offering connected products now means they are becoming software companies with ongoing consumer service level agreements, with all the complex challenges that entails.
BEEN THERE, DONE THAT
Whether implementing an IoT strategy themselves or working with a partner, the bottom line on IoT security is that the brand is held accountable. And, in order for brands to do a good job of protecting their image, security has to be built in from the very start of product development. When evaluating a consumer IoT platform’s prowess when it comes to security, there are a lot of claims and whitepapers on company websites. Here are six simple questions we recommend you ask platform companies to do a top level evaluation of whether they have a proven security infrastructure:
TOP-LEVEL EVALUATION FOR IOT SECURITY:
1. Which consumer brands are using your platform?
2. How many of those different branded products are being sold by retailers today?
3. Where are they being sold? Show me.
4. Are connected products using your platform sold in any countries outside the U.S.?
5. If so, please provide retailer URLs.
6. Have any of your consumer brand customers required your platform to undergo a security audit by a 3rd-party firm? When? What were the results?
Get answers to those questions and you’ll be a lot father ahead in answering questions about IoT security for consumer products. Oh, and instead of just offering you a whitepaper, Arrayent is happy to answer all of the above and more. Just contact us for a chat: