Mobility Development Group NewsletterAugust 2016
MDG Members Summit Update
Fall 2016 MDG Members Summit
Date: September 6, 2016
Location: Westgate Las Vegas Resort & Casino, Las Vegas, NV
The MDG Members Summit will feature presentations, discussions and an evening reception. Updated agenda has been released with new confirmed speakers and topics.
New Topics include:
- Navigating the road to IMS Services
- Small Cells
- 3GPP Release 13 Enhanced Machine Type Communication Standards
Reserve your seat today for this informative one-day event!
Featured Article - Privacy, Security and Data Ownership Grow in the Age of the IoT and Big Data Analytics
Privacy, Security and Data Ownership Grow in the Age of the IoT and Big Data Analytics
By Syed Zaeem Hosain, CTO, Aeris Communications, Inc.
The Internet of Things (“IoT”) and Machine-to-Machine (“M2M”) markets are exploding these days, promising to usher in what Goldman Sachs projects as the “Biggest Mega Trend Yet.” But, as millions of IoT sensors and devices transmit the data they gather from our homes, vehicles and bodies, our personal information is inevitably included in these, often insecure, transmissions.
In numerous media articles and reports, there are lively discussions of the privacy and security concerns of such IoT applications, along with the more typical “who owns the data?” question. For example, information collected by home healthcare devices and sensors may be used for direct medical purposes, and yet be stored and monetized later for other purposes without the knowledge of the patient.
Historically, security and privacy concerns for IoT applications have been an afterthought. There were few IoT devices and applications, with relatively low financial or human impact if a device was compromised.
However, the impact of compromised IoT devices is finally leading to increased awareness. A presentation at a Black Hat computer security conference earlier this year demonstrated a compromise of an Insulin pump that was induced to give an overdose—potentially fatal if the pump was actually implanted in a diabetic patient. The manufacturer of the pump had failed to take an elementary precaution—encrypting the data message transmissions that controlled the pump—that would have prevented the compromise.
The burgeoning growth of wearable medical technology in the next few years—from data monitoring and transmission from patients, to remote control of implanted dispensing devices—must be properly supported with an understanding of the risk impact of a compromised application.
The owner of the data is often assumed to be the owner of the unit transmitting the IoT information. However, most owners are not benefitting financially directly from this ownership—the monetary gains from data sent by a single device may be too insignificant to be relevant.
In our Big Data world, data from multiple, sometimes quite disparate, sources can be mashed to extract new knowledge and new information—with their own value. The correlation of these data sources, and the extraction of the new information, is the domain of the field of Data Science. Tools to analyze the data are increasing in sophistication.
There are clear cut benefits to such IoT data mashups. For example, road conditions detected in real time by a vehicle’s sensors, can be related to weather data to warn drivers about hazardous driving conditions. Home automation devices that measure and control heating and cooling systems in residences and business can be correlated with temperature data to optimize the energy generation.
Yet, what has been overlooked so far is the impact of mashups on privacy and ownership. Relatively innocuous data from an IoT device or application—hence given up easily by the owner of the data—may be mashed with similarly innocuous data from another IoT application. Thus resulting in new knowledge that could have quite different security, privacy, monetary and ownership concerns.
Businesses providing IoT data connectivity, storage and content analysis, need to support the protection of data, by combining security best practices with the flexibility to accommodate mashups created by the requirements of social networking.
In this world of Internet of Things and Machine-to-Machine communications, developers must ensure that their applications and network keep data private and secure when it is essential to do so. Devices will be more vulnerable in the future as they become smarter—the increasing use of more common operating systems (with commonly known security holes) can lead to easier attacks.
Certification of IoT devices and applications to meet security principles enables initial deployment, but could be expensive or overlooked later when device firmware is updated for new features or bug fixes.
The companies deploying these M2M and IoT applications must re-examine old or missing security policies that may not be relevant and applicable. Given the explosive growth projected for the industry, with “billions of IoT devices” deployed in less than a decade, it is vital to provide the required privacy and security while the task is still possible.
Next-Generation E-9-1-1 FirstNet and Public Safety Webinar Available on Demand!
By Andy Seybold, CEO & Principal Consultant, Andrew Seybold, Inc.