What’s been called the Third Wave of Computing — IoT — probably feels more like a tidal wave to the multitude of hardware, software, cloud, and other IoT-related manufacturers and service providers. That is, in part, because riding that wave is a lack of interoperability, ecosystem immaturity, data privacy, time-to-market, multiple technology choices, and the moving target known as security. It’s a perfect storm of challenges that have previously been more like one-off issues in the first wave of standalone devices which needed many people to run, to the PC wave of one-to-one interaction between user and computer. While all the challenges are prime for solutions, it is the fear of the security tsunami that has all interested parties on heightened alert.
Fortunately, the high degree of awareness of these “Third-Wave” issues is motivating the multitude of concerned parties to take a closer look at the vulnerable point solutions we’ve stitched together that form IoT security frameworks. With the understanding that today’s state –of-the-art security is pretty much obsolete within a couple of years, organizations and standards bodies are taking the lead when it comes to ensuring security at every device point along the IoT continuum. For example, Intel’s EPID, or Enhanced Privacy ID, is freely available technology designed to enable silicon and device manufacturers, software vendors, and the broader IoT community to “…establish a solid root of trust of that can help to ensure that every device is a trusted device and every connection — all the way from endpoint to cloud.”
It’s not a single-vendor world in IoT anymore and all those vendors are aggressively avoiding being wiped out from a world of connected devices open to cyber threats. Platforms like EPID that help establish a foundation of identity, security, and privacy will go a long way to creating hardened IoT technology from the device to the gateway to the cloud.