Mobile World Congress 2016. it’s already a week behind us. Putting together the main memories from the event, the words that are swirling around on top of my head are “connected”, “internet of things” and “security”.
One can think whether these words are fitting well together today. Indeed, the need for adding more security in IoT connected objects sounds obvious. Alarming stories of privacy or security breaches are regularly in the newspapers headlines. This is even touching on what we care about the most, our kids: the scandal of non-secure baby phones is still pending and we can ask ourselves where the information goes when we buy talking puppets to communicate with our kids.
The first question we could ask is: technically speaking, is there any problem to make connected products secure? The answer is: not really, this is possible. Or at least, without reaching the perfect security level, the data protection could be greatly improved. Using software or hardware technologies, and designing the products in a safe way, could lead to great results. But, and this is certainly the main concern, data protection has a price. And as customers, in spite of recurrent alarming stories, our main buying criterium remains mostly the price.
Partly because the security is unclear due to a lack of standards. And partly because the risk remains uncertain and consequently the value does not justify the extra price. As a result, secure products are not necessarily the most popular ones nowadays. And the incentive is not strong enough for industrials to promote safe products. Particularly in this early phase of market ramp up.
Is that all? Not really. Simply because customers are volatile. Very volatile. A crisis can pop up at any time and change the expectations dramatically. And this time, the price could turn out to be very high for industrials with widely spread and non-secure products. Without convincing alternatives, some markets could suffer a lot. Building a secure alternative in IoT is surely the best way to win tomorrow. This requires real expertise to find the right recipe and make it acceptable. It is a thin line between incomplete security that could ruin the efforts of protection and excessive security that will make the product non-viable and non-flexible. This is certainly where eshard’s experts can add value for you.