The Platform Pandemic

The Platform Pandemic

This week we saw two new platforms for the Internet of Things emerge, the most notable from microchip heavy hitter, Intel. Of course, this is just this week. There have probably been a dozen or more new IoT platform announcements in the last month and the number coming to market is steadily increasing. Postscapes offers a fairly comprehensive list here. While the battle is on to see who will win the title of Supreme IoT Platform Provider, one thing is certain – this plethora of platforms is a security nightmare.

Much like the early days of the networking, multiple protocols (think IPX, IP, Banyan Vines) and platforms usually spell mayhem for users and security professionals alike. Instead of leveraging a common language or foundation, everyone is building their IoT devices with their own future in mind. While some of the larger players are coming out swinging with solutions on the device and the platform side, for the most part there hasn’t been much interest in playing nicely with each other.

Printers are a great example, the lowest common denominator workhouse of the office has to speak up to a dozen protocols, and whenever someone bothers to look they tend to find vulnerabilities quite easily. Good story about them here.

One of the reasons that IoT has become such a big deal this year is due to the overwhelming ease at which sensor technology can collect and transmit data. Companies seem to be focused more on how to collect and profit from this data than how to secure it. Of course, right now, it doesn’t seem like to many people are worried about security or standardization. In fact, the only folks that seem to be concerned with IoT data breaches are in the government…and maybe Sony.

Of course, most of the platforms coming to market are offering all kinds of promises, middleware for edge management, fancy consoles for traffic monitoring and APIs for integration. So, the race is on for best in breed. My bet is on the vendors that focus on functionality, low power consumption, and ignore security.