You are crazy!
What are you thinking?
Those are the words that came to mind when I saw the results to a recent Internet-of-Things (IoT) and embedded device survey Zentri ran asking the question, ‘Is security important to you and your connected product?’ Some responses (around 35%) came back ‘no’.
Flabbergasted, I had to take a moment to reflect on why anyone would actually think that IoT security isn’t important. I concluded that it’s really not that those individuals got it wrong, it’s the preconception of what IoT security is all about in this connected world.
Security isn’t just about protecting data anymore, its much bigger than that. Ask some of those big brands who recently had their security tested and they’ll often speak to their diminished brand reputation. According to the 2011 Ponemon Institute’s Report that surveyed 843 senior-level individuals at companies with an average estimated brand value of over $1 billion, a brand’s value is diminished by an average of 21% or $332 million due to a breach of customer data. This is a massive hit to large corporations, but could collapse a small to mid-sized company if not handled properly. Companies can spend millions upon millions building a brand that people trust just to see that reputation damaged from a single decision to not prioritize security in their IoT connected devices.
Security is even more important than the cost of goods. You wouldn’t buy your groceries from your local store if they openly published your credit card information even if they were 10% cheaper than the competition – or would you? Why? Because guess what? IoT security is important and your customers value it more so than saving a few dollars!
The point is this…It doesn’t matter how low a product’s price is if a security breach tarnishes your reputation. There is no such thing as 100% security – I understand that, but there should also be no such thing as zero security or even limited security. Security is not the place to be frugal because it’s not just about your data anymore, it’s about your brand, your investment and your future.
Security is actually an industry wide problem. Engineers and buyers are all trained to focus on lowest cost. It was a commendable option in the unconnected world, but in the IoT connected world there is more to consider than the ‘lowest cost’.
If you are thinking about making an IoT connected product, consider your investment before the product. If you need to save a dollar or two on the Cost of Goods, just don’t do it in lieu of security.
What should you look for? There are IoT operating systems that are designed for low cost, resource constrained devices. Specifically look for one like ZentriOS (www.zentri.com) that encrypts application code and the operating system on a PER DEVICE level, not a SKU level.
Whatever your solution is however, design wise, design secure.
Click here for more information about the IoT Security in ZentriOS.