Embedded engineers within the consumer electronics industry are excited about the IoT. Why? “Sell more products because they are IoT ready” and “Charge a higher premium for our products” are the two main reasons according to VDC Research’s 2015 engineer survey. Consumer electronics makers want to move more units at a higher price due to the allure and novelty of connected devices. Survey data reveals the perception among engineers that the IoT is a great marketing tool when selling products such as smart watches, fitness trackers, connected TVs, and smart home security systems in the consumer market.
On the other hand, the average embedded engineer across all verticals is most excited about something entirely different: Data collection – obtaining larger and more numerous streams of digital gold from connected devices. 44.7% of embedded engineers across all verticals responded that they would “use data [they gathered] for many purposes,” making it the most important consideration for their organization’s push towards the IoT. Increased connectivity leads to richer, more granular sets of data, which will be an excellent analytical resource for companies in the lower-visibility verticals. Data gathered from industrial, aerospace & defense, and medical devices can be used to fine tune processes and wring efficiency from a wide variety of machines.
The security implications are clear – OEMs in the consumer electronics space place much less emphasis on keeping the generated data in-house, as this data is less likely to be recycled into internal ROI as heavily as it might be in more industrial or commercial verticals. Thus, consumer data privacy and security will come in as a lower priority in the design process, and fewer resources will be allocated to handle and secure the generated data.
While consumer electronics engineers might not place too much value on consumer data, IoT service providers, such as Google, Microsoft, and Amazon, certainly will. Storage, monitoring, and analytics services, among others, will be a huge source of revenue for these companies moving forward. OEMs will inevitably sell this data to multiple organizations, with varying levels of attention paid to data sanitization, storage, and transport. Consumer data will be exposed to an exponentially-scaling number of threats as it is aggregated, copied, manipulated, and shifted through database after database.
At the point of collection, security practices among consumer-facing vendors are often watered down in an effort to make products as simple and easy to use as possible. Common vulnerabilities include weak (or sometimes missing) default usernames and passwords, obvious public-facing device identifiers, and a lack of interface for resetting or reconfiguring security parameters. The vendors that truly believe in honoring their promises to deliver security and privacy best practices will have a strong differentiator within the market.
We discuss these issues, review the current landscape, and take a quantitative dive into consumer electronics security, IoT services, and recent developments in our latest report: Embedded & IoT Security for Consumer Electronics & Home Automation.