The Internet of Things: Privacy Considerations OF THINGS - IOT Human Beings vs. Internet Connected...

1 © 2015 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Vet.

Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

The Internet of Things:

Privacy Considerations

Presented by:Jordan Reed, Managing Director

Joe Marcum, Senior Manager

© 2016 Protiviti Inc.

CONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to another third party.

PRESENTERS

Jordan Reed, Managing DirectorIoT Introduction and Overview

Joe Marcum, Senior ManagerIoT Application and Usage

2



Imagine…

INTERNET OF THINGS - IOT

3

Graphic by Harbor Research

The Internet of Things (IoT) is an environment in which objects, animals or people

are provided with unique identifiers and the ability to transfer data over a network

without requiring human-to-human or human-to-computer interaction. IoT has

evolved from the convergence of wireless technologies, micro-electromechanical

systems (MEMS) and the Internet.

http://whatis.techtarget.com/definition/unique-identifier-UID

http://searchmobilecomputing.techtarget.com/definition/wireless

http://searchcio-midmarket.techtarget.com/definition/micro-electromechanical-systems



INDUSTRIAL AGE

1960 1944190318861800’s<1800

4



INFORMATION AGE

1969

Apollo 11

Computing

Power

1970’s

Super

Computer

1990’s

PC

2000’s

Laptop

2010

Smartphones

1969

Apollo 11

145k LOC

1980

Suttle

400k LOC

2013

MS-Office

45M LOC

2015

Automobile

100M LOC

5



EXPONENTIAL AGE

6

“Due to the impact of exponentials, we

won’t experience a hundred years of

progress in the 21st century, it will be

more like twenty thousand years of

progress.”

500M

Devices

Connected

2000

360M

People

Online

2005

1B

2011

2B

2020

6B

12.5B

Devices

Connected

1974

Internet

Created

<1800’s

Train

Robbery

(100)

<1800’s

Robbery

(1)

2007

TJ Maxx

(45M)

2011

Sony

(77M)

2013

Target

(110M)



CHANGING BUSINESS MODELS

Products Companies Customers

7



INTERNET OF THINGS - IOT

Human Beings vs. Internet Connected Devices

8


The number of internet-

connected devices

surpassed the number of

human beings on the

planet in 2011.

By 2020, internet-

connected devices are

expected to number up

to 50 billion.



FUTURE OUTLOOK

The IoT is a

combination of:

Sensors

Connectivity

People & Processes

9



We are giving our world a digital nervous system.

Mobile Apps

Social Media

Efficiency &

Convenience

Target Marketing

SENSORS & ACTUATORS

10




These inputs are digitized and placed onto networks.

CONNECTIVITY

11




These networked inputs can then be combined to integrate data, people, processes and

systems

PEOPLE & PROCESSES

12




ELEMENTS OF IOT

Transmission

Internet

Of

Things

Collection

Data Storage

and Analytics

Visualization

and Data

Interpretation

Security and

Privacy

Primary IoT components:

Collection – made up of sensors,

actuators

Transmission – RFID, Bluetooth, Wi-Fi,

Cellular and wired networks

Data Storage – on demand storage and

computing tools for data analytics

Presentation – visualization and data

interpretation tools

Security – device configuration, user

access, and updates

13


CONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to another third party. 14

Source: Harbor Research



DIVERSITY OF THINGS

The convergence of these technologies includes various degrees of sophistication

Verizon’s IoT sophistication model, 2015.

Efficiency: Control and React

• Gathered data is actioned more

systematically, with greater automation,

remote control, and some trends

analysis and reporting.

Innovation: Transform and Explore

• Data and insights are used to support

entirely new business models, products

and services, and data economies.

Visibility: Connect and Monitor

• Individual assets, each gathering just a

small amount of data, are connected to

enable manual monitoring as part of a

single organizational process, with

simple threshold-based exception

alerting.

Agility: Predict and Adapt

• Sensed data is augmented by external

data sets for complex predictive

analysis for preemptive action, closely

integrated with a number of

organizational processes.

DEGREE OF SENSING

DEGREE OF SENSING

DE

GR

EE

OF

AC

TIO

ND

EG

RE

E O

F A

CT

ION

High

Low

Low High

15



INTERNET OF THINGS – CONSUMER TECHNOLOGY

Phones / Tablets Wearables

Home Appliances Smart Thermostats

16



INTERNET OF EVERYTHING … NOT JUST CONSUMERS

Based on Moor Insights & Strategy’s report Segmenting the Internet of Things (loT)

17



ENERGY AND UTILITIES

Connected Electricity

• Smart Meters

– Automated data collection

– Detailed electricity usage

– Automatic detection of outages can lead

to faster repairs

Oil and Gas

• Sensors in the Field

– Live production data enables smart forecasting

– Optimize well production

– Connected systems for remote site management

allow for start up / shut down of equipment

– Combined data sources reduce impacts from weather and other conditions

18



ENERGY AND UTILITIES

• Connected Cars

– Road sensors for weather and traffic monitoring

– Autonomous Cars

o Reduced Traffic

o Increased Safety

– Automatic accident reporting for improved response time

• Telematics

– Monitor driving behavior

– Data analysis to calculate more precise

customer pricing

Automotive

Insurance

19



IOT APPLICATIONS IN THE MEDICAL FIELD

• Devices report back to the “mother ship” when critical operational components are being depleted

Proactive fulfillment by replenishing supplies

• Provides daily utilization statistics that can be leveraged for patient scheduling (e.g. MRI machines).

Efficient scheduling by leveraging utilization

• Provide unparalleled access to individual health plus reduce device downtime through remote

monitoring and support

Monitor Both Machine and Patient Health

through sensors

• Grain sized ingestible sensors/pills communicate if pills are taken and health habits.

Ingestible sensors

20



THE INTERNET OF THINGS : RISKS

Source: Cisco, SlideShare

21



PRIVACY CONCERNS

Source: http://www.privacyguidance.com/einfograph.html.

22

http://www.privacyguidance.com/einfograph.html



YOUR LICENSE TO LINKEDIN

Your License to LinkedIn

You grant LinkedIn a nonexclusive, irrevocable, worldwide,

perpetual, unlimited, assignable, sublicenseable, fully paid up and

royalty-free right to us to copy, prepare derivative works of, improve,

distribute, publish, remove, retain, add, process, analyze, use and

commercialize, in any way now known or in the future

discovered, any information you provide, directly or indirectly to LinkedIn,

including, but not limited to, any user generated content, ideas,

concepts, techniques and/or data to the services, you

submit to LinkedIn, without any further consent, notice and/or

compensation to you or to any third parties. Any information you

submit to us is at your own risk of loss.

23



IMPLEMENTATION CHALLENGES

Source: http://www.bestcomputersciencedegrees.com/internet-of-things/

24

http://www.bestcomputersciencedegrees.com/internet-of-things/



PUSH FOR CLOUD FOR THE INTERNET OF THINGS HUBS

• Cloud IoT Hubs will be the bridge between users’ devices and their solutions in the

cloud, allowing them to store, analyze and act on that data in real time.

– Microsoft launches Azure IoT Hub

– Cisco acquires IoT vendor Jaspar for $1.4B

– Amazon launches AWS IoT / Dash

• Amazon Dash

– Amazon’s Dash Replenishes System (DRS) launches. Devices such as Brother’s printers

can automatically reorder supplies with zero human effort.

– Dash Buttons – Small, Wi-Fi enabled, instant ordering of predetermined products – uses

credit card on file and delivers with 2-day shipping

25



IDENTITY MANAGEMENT IN TODAY’S WORLD

USAA - 1st financial institution to roll out biometric security with its mobile

banking app. Allowing users to log in through fingerprint, voice, or facial

recognition.

Nymi successfully tests Nymi Band which is a wrist band heart rate monitor

which doubles as an NFC mobile payment device using your EKG to verify your

identity.

Fifth Third Bank is introducing Touch ID biometric capabilities to its mobile

banking app for the iPhone. Touch ID allows fingerprint authentication for

enabled devices, letting customers log into their Fifth Third app with their fingers

or thumbs instead of a password.

26



IDENTITY MANAGEMENT

Business point of view = IoT enables new opportunities, use cases and

scenarios.

Technical point of view = IoT consists of uncountable devices, sensors or

actuators or simply objects connected to services in the Internet.

Today’s separated solutions and niche standards have no overall framework

for how to recognize and manage identities across different solutions.

1) How do we standardize identifiers?

2) How do we separate components within IoT?

3) How do we define ownership and identity relationships?

4) How do we protection Identity?

27



OWASP TOP 10 IOT SECURITY CONCERNS/FOCUS AREAS

Insecure Web Interface1

Insufficient

Authentication/Authorization2

Insecure Network Services3

Lack of Transport

Encryption/Integrity Verification4

Privacy Concerns5

Insecure Cloud Interface6

Insecure Mobile Interface7

Insufficient Security

Configurability8

Insecure Software/Firmware9

Poor Physical Security10

28


CONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to another third party. 29



THANK YOU

Powerful Insights. Proven Delivery.®

Phone: 713.314.4955

[email protected]

Houston, Texas

Jordan ReedManaging Director

Powerful Insights. Proven Delivery.®

Phone: 713.314.4952

[email protected]

Houston, Texas

Joe MarcumSenior Manager

30

The Internet of Things: Privacy Considerations OF THINGS - IOT Human Beings vs. Internet Connected...

Documents

Transcript of The Internet of Things: Privacy Considerations OF THINGS - IOT Human Beings vs. Internet Connected...