“When you do something as an afterthought, it becomes extremely difficult to bake it back into the design.”
Building security into Internet of Things (IoT) devices has become a primary design consideration because of the changing nature of these devices. Debasis Bisoi,
Vice President & Head, Manufacturing-Aerospace & Process Industries Vertical at Tech Mahindra, says that, “It is actually the customers who want increasing compute power in the devices, and that power opens new vulnerabilities.”
It’s only recently that security has become a major issue for solution designers. “With the first wave of IoT devices, security wasn’t something engineers originally thought of as a critical aspect of the design,” Bisoi says. “IoT devices were installed on the factory floor to monitor machines and process performance, or they were embedded in consumer goods. They were designed for stand-alone uses. They were isolated from the enterprise network.”
But that use case changed quickly as people recognized the value of the data IoT devices were able to collect and the added product value that could come from analyzing that data. To realize that value, data has to be taken out of the devices, analyzed, and turned into meaningful information for users. Bisoi explains, “This means that the devices now have to be connected to the internet and the enterprise network. Suddenly, security became extremely important.”