In Machines We Trust - Getting the Security Ingredients Right
Last week featured the release of our 4th GSIM report, which covered the rise of Machine to Machine (M2M) communications within the mobile world. The report highlighted the growth of M2M communications, examined expectations and concerns, and highlighted the need to ensure security is incorporated in the design of the technology from the start.
M2M is an exciting area for operators. Not only does it allow them to expand subscriber numbers in developed markets, but it offers operators the chance to expand their offering into something other than simply handling people’s communications. If done correctly, it allows them to move into areas such as connected healthcare and transportation which will be of critical importance to the society of tomorrow.
And that’s where the need for security comes in. As the importance of these communications is greater for certain devices, then the requirement for security is greater as well. Recent reports of wirelessly hacking medical devices, and our own illustration of the vulnerability of a mobile controlled front door controller shows the type of effects that the lack of security can have.
M2M security cannot be approached light-heartedly. Some may point to the use of private dedicated APNs for M2M devices as providing all that is required for M2M security. However that ignores the fact that many M2M devices will never have a private APN dedicated to them, and that many M2M devices today communicate via the same network that people use. A further complication is that these networks often rely of people forming a critical part of the security, another re-conception that needs to change to implement M2M security..
We need to make sure then that security is designed from the offset, for as Sinisha Patkovic of RIM memorably described at the recent AdaptiveMobile–sponsored MWC Mobile Security Forum, “security is like eggs within your cake. It’s a lot easier to add the eggs when you bake the cake, than try to add the eggs after the cake is done.” Lets get the ingredients for M2M right from the start!