Just because it can be connected, that doesn’t mean it should be
Technology breakthroughs are great things; they present the opportunity for ideas, creativity and innovation. But there is always the risk of enthusiasm running away with itself, reports Telecoms.com (Banking Technology’s sister publication).
That was certainly evident at this year’s “Nordic Digital Business Summit”, where internet of things (IoT) was at the top of the agenda. The connected world is big and beautiful, those who are smart enough can start creating money out of thin air. But one question which might gain sneers from the fanatics is whether connecting the entire world is sensible. Just because everything can be connected to the internet, doesn’t mean it should be.
This was one of the conclusions made when your correspondent got the chance to host a discussion with Aalto University’s Jarno Limnéll and Tieto Security Services’ Timo Ahomäki. We’re not prepared enough for the big, wide world of IoT.
“Open up the email, click the link and boom, you’re owned,” says Limnéll. “The problem with security is us, not the technology which is out there.”
“When you look at WannaCry, this was stuff we knew about a decade ago,” adds Ahomäki. “We weren’t able to stop it because we weren’t looking for it.”
It’s a point which has been raised countless times over the last few years, but we are the biggest threat which an organisation faces. We are lazy, forgetful and careless. Human error is often the downfall of a company’s security features.
This is not a new idea, but it will continue to be repeated for as long as it is still a problem. But the chorus of voices screaming for a more comprehensive and considered approach to security should only get louder considering the technological tsunami which about to sleep the globe. IoT will be everywhere, but is it the correct decision.
Another speaker at the conference used a phrase which we are all too familiar with; “everything that can be digitised, will be digitised”. It’s the idea of connecting everything to the internet, from your car in the driveway, to a buoy in the middle of the Atlantic and your coffee machine in the office. But if we are not yet capable of protecting ourselves in a pre-IoT world, why should we be ready to up the ante?
Ahomäki’s point about WannaCry is a fair one. This is not necessarily a new idea, it was a malicious campaign using technology which was known to the security community. But it still crippled hundreds of organisations around the world. We are not capable of doing the security basics, and yet we are about to expand the security perimeter of our organisations, creating thousands, if not millions, of gateways to a company’s network. Every device which is connected to your network is a potential locked door for a hacker to pick.
Which brings us back to the original point, just because something could be connected, doesn’t mean it should be. The point here is not to stop the IoT trends, that would not be sensible considering the potential opportunities, but to have a bit of maturity. It’s about understanding the risk and limiting the threats to your organization.
So do you think it is necessary to have a connected fish tank which feeds the fish for you, or a coffee machine which sends you a text when it is empty? The benefits of such ideas are not going to help a company avoid bankruptcy or create the next revolutionary product, but it does present opportunity for the nefarious characters of the world.
We not saying anyone should stop playing around with technology in the search of a great idea, but perhaps we should stop being so frivolous with it.