With 25 billion connected things predicted to be in use globally before 2021 (according to Gartner), the issue of securing the data that comes from these devices is an important one, especially as organisations increasingly migrate user data to the cloud. This trend is only set to increase as internet connected devices and services are becoming an integral facet of our professional and personal lives.
Since the advent of connected devices, the traditional approach of storing data in the device itself has become almost obsolete. Developers have become aware of the greater convenience and efficiency that cloud storage offers, especially for smart home devices such as cameras. From easier installation (for instance, users can link multiple cameras to one network, rather than assigning individual IP addresses to each camera) to instant data access, cloud storage for the smart home presents significant advantages – but potentially at the cost of data security.
Understanding IoT and cloud data storage
With manufacturers not wanting to take responsibility for security on the device, many have looked to the cloud to store data. However, transferring data to the cloud can put users in a precarious position, particularly because their personal data is now outside of their direct control. In light of the increasing amount of data leaks and device hacks over the past few years, centralising data in the cloud can cause the downfall of the whole IoT ecosystem.
Helping management understand the root causes of these issues is key to helping the organisation overcome such security issues. Given that management executives are primarily focused on designing and manufacturing the device itself – as opposed to devising other features such as access control – they occasionally lack in their understanding of how to manage user data correctly. Though integrating security controls into the design of the device itself would be ideal, this often incurs additional costs – in both monetary and time measures – for the manufacturer.
Back to square one: the microprocessor
Understanding the complexities of IoT environments and products is the first step to solving security issues for connected devices. Manufacturers must realise that internet-based products are more complicated than things such as email services and social networks. IoT devices, for instance, contain microprocessors that can be used to process user data whilst simultaneously hosting it on the NAND. The microprocessor can also be used to encrypt sensitive user data from within the device itself, allowing their information to not only be securely carried through the internet, but also to be directly transferred to the user without the need to go through cloud servers that are externally controlled. Such features can prevent multiple devices from being the target of mass cyberattacks, and from being hacked at the same time.
Additionally, with encryption serving as a non-recurring operation and IoT processors being idle 60% to 70% of the time, IoT devices can allocate their extra capacity towards protecting user data. Using the device’s integrated NAND storage can be used to easily host various security components, including device settings and encryption keys. Moving away from cloud storage and hosting data through local storage can also help manufacturers reduce their technology and operational costs.
Data security for the future smart home
Ensuring that a cloud device is secure is a monumentally bigger – and more expensive – task than securing a device with local data storage. For instance, an organisation could employ a security team to ensure that the cloud connection is always secure; a 24/7 job. Alternatively, an organisation could pay a team of white hat hackers once to test an IoT device, resulting in a one-off payment and a secure device. The two options both aim to secure the customer’s data but maintaining a secure cloud infrastructure is expensive and requires constant monitoring, potentially wasting an organisation’s resources.
Forward-thinking organisations can even integrate neural networks with video data from within a local IoT device based on low-cost ARM processors.
Naturally, using a cloud-based infrastructure may be unavoidable in some cases, and its advantages may mean that it is the best option available for manufacturers. However, rather than automatically opting to choose cloud services as a default option, manufacturers should consider other aspects, particularly around security. Users’ needs should come first, especially in today’s age of data protection, where it is vital to give them direct control over their own data. For devices such as smart home cameras – which quite literally gives glimpses into customers’ everyday lives – data confidentiality is key, and manufacturers should take steps to ensure the right encryption measures are made, to prevent unauthorised parties from accessing such sensitive information. End user protection is far too important for a blanket cloud approach.