A version of this article was first published on HIPAA Vault’s
Connectivity seems to be all the rage these days, as the Internet of Things (IoT) continues to invade even our most common devices. From home thermostats to gas meters, (think of built-in, real-time leak-detection capability that can send alerts, and potentially save lives), to our “AI assistants” Alexa and Google Home, IoT is rapidly changing the way we collect useful information. Even some vending machine companies have installed “geo-awareness” to allow hungry customers to scan their proximity for the nearest, desired snack.
The ramifications of this technical revolution, of course, are myriad, and there appears to be no end in sight. We’re currently seeing a proliferation of powerful sensing devices in almost every field – from personal fitness, to automobiles, to home appliances. It’s happening already. Expect to see an increase in the number of sensors for the home especially, providing a depth of performance analytics that will be desired by both utility providers and their customers.
For data management companies, IoT means databases will need to handle time-stamped data, for identification and analysis of “real time” performance characteristics. Server storage facilities will also need to grow, able to handle the explosion of new and available information. “Big data” is rapidly becoming “very-big, or mega data.”
How Will all this Data be Secure?
All of which means that data protection will become an increasingly key component in the IoT revolution. This is true not only on a global scale, but also on the local network and security level – especially in the realm of personal, protected information. For example, wearable scanning and monitoring devices can certainly promote health awareness, and potentially trigger alerts about disease processes, but once this sensitive medical data is sent streaming across a network, how can it be be kept private and secure?
Vulnerability scanning tools and services will need to adapt, able to provide round the clock vigilance and services for this real-time data stream. Hacking remains the primary means of data attacks, accounting for 63% of all breaches. While 2017 may have seen a slight decline in the global average cost per stolen record (from $158 to in 2016 to $141 last year), data breaches are also increasing in frequency and complexity. In 2017, the average size of a breach increased 1.8 percent, to 24,000 records.
Important security measures like forced credential changes and required https for web access will certainly need to be emphasized, as anticipated protections become more engrained in the developer’s mindset. (One effort to attempt national standards for these things was The Internet of Things Cybersecurity Improvement Act of 2017.) Additionally, network designs and architectures will also evolve, beginning at the design level, to account for greater scalability needs and added security requirements.
Managed security service providers are sure to play a key role in this technical revolution, as staying current with the latest vulnerabilities and the increasing need to protect HIPAA data will be essential. This is to be expected as IoT continues to expand its reach, for more personal data is surely coming.