This Saturday was like most every other day for me. I opened my RSS Internet of Things (IoT) news feed and there were three more articles telling me that consumers don’t trust IoT security. IoT security alerts have been so frequent and regular for so long now that just like a “check engine light” in an old car I am beginning to ignore them. Recently I have seen a slight pivot in the stream of warnings in the form of survey data: Data is good. More than once I have heard “In God we trust” all others bring data. But data requires analysis so let’s look at a few recent figures:
- 52 percent of consumers believe that these products [IoT] do not have the necessary security in place
- Effect of the IoT on security is a concern of 70 percent of US users
- Globally, 60 percent of consumers are worried about the [security and privacy of the] new technology [IoT]
- 90 percent of developers don’t believe IoT applications have necessary security
- 80 percent of consumers don’t know what IoT is, or care about IoT things.
Wait a minute. 80 percent of consumers don’t know what IoT is or even care? How can 70 percent be concerned about IoT security when four out of five don’t know what it is? Are you familiar with the 1936 “Landon beats Roosevelt in a landslide” prediction? Something isn’t right here.
Consumer security concerns are being taken out of context. Indeed, it appears that the respondents to these surveys don’t even have an IoT context. But it’s not surprising that people are concerned about something they don’t understand when prompted with the words “security” and “privacy.”
Look again at the survey that found that 52 percent of respondents don’t believe IoT has the necessary security. The same survey found that 49 percent don’t trust IoT devices with their data – but still use them. Let’s break this down. First, we must be talking to the 20 percent of people who know what IoT devices are. Half of those people don’t trust their devices but keep using them. But the other half apparently trusts the devices and also keeps using them. So apparently all of the respondents who are using IoT devices have made a risk-to-benefit tradeoff that says “the security and privacy of this device is adequate for my use!”
Honeywell has been selling wireless thermostats for 15 years and together with new players like Nest, who has had more than their share of privacy problems, they have provided over ten million customers with remote access solutions in the last five years. Security always requires context. Security is never perfect. Security risk is a choice that is made for any connected offering purchase. Some require more assurance than others, but the choice is always one of what is appropriate for the application and appropriate for the individual.
Sign up for Computerworld eNewsletters.