In-brief: a new report out from Harvard Business School that looks at the business impact of Internet of Things technologies cautions that security and privacy concerns can’t be ignored but will, instead, be an important differentiator for consumers.
Harvard Business Review has a new report out in their series on the Internet of Things, this one looking at how IoT will transform companies – how they operate, interact with customers, and so on. It’s worth a read.
Among other things, the report addresses the role and impact of security as it relates to connected products. The authors, James Heppelmann (who is CEO of the firm PTC) and Michael Porter (faculty of the Harvard Business School) predict that companies’ ability to offer secure products and services will increasingly differentiate them in a crowded marketplace where the stakes of any failure are high.
From the article:
The risk posed by hackers penetrating aircraft, automobiles, medical equipment, generators, and other connected products could be far greater than the risks from a breach of a business e-mail server. Customers expect products and their data to be safe. So a firm’s ability to provide security is becoming a key source of value—and a potential differentiator.
Information technology, as it is now practiced in corporations, will change, as the front lines shift from a firm’s “data centers, business systems, computers, and networks” to every connected device “across all functions.” “Every smart, connected device may be a point of network access, a target of hackers, or a launchpad for cyberattacks. Smart, connected products are widely distributed, exposed, and hard to protect with physical measures,” the authors write.
While traditional IT security functions won’t go away, companies will need to look for ways to push security down to the device level, either by designing more secure products from the ground up, or by adopting layered protections for a much larger, more heterogeneous and distributed population of devices than now exists, the HBR report concludes.
What might those protections look like? The report notes that “security can…be enhanced by giving customers or users the ability to control when data is transmitted to the cloud and what type of data the manufacturer can collect.” That may be a reference to IoT-focused identity schemes like User Managed Access (UMA). Whatever the case, the HBR report concludes that “data privacy and the fair exchange of value for data are also increasingly important to customers.” Companies that want to succeed in the IoT marketplace need to create data policies and accurately communicate them to customers. Customers’ privacy concerns as well as increasingly stringent data privacy laws in the U.S. and EU are likely to shape corporate polices, as well.