Week 2

avatar
Created by
High-pitchedBeetle8111

Cards (32)

  • Drivers for IoT:
    • IP (Internet Protocol) networking is globally adopted
    • Connectivity is everywhere
    • Smaller and faster computing – smaller parts and faster chips lead to more accessible devices
    • Cloud computing is growing – cloud services are faster and easier to access
    • Data analytics feeds growth – analysis results can enhance service and performance of IoT devices
  • IoT = network of objects (devices, sensors, etc.) connected to the Internet.
  • Transition to TCP/IP changed our way of life, allowing widespread access to the internet, connectivity, and interactions online
  • The internet has impacted us personally, socially, and professionally
  • Impact of the internet includes how people like to communicate:
    • Real-time communication; instant communication
    • Store-and-forward; delay is acceptable (email and voicemail)
  • Common IoT applications we use in daily life:
    • Health monitoring and updating
    • Home security and smart homes
    • Online calendars
    • GPS
    • Online banking
    • E-commerce purchases
    • Smart systems in automobiles
  • IoT Impact on Business:
    • Retail stores
    • Virtual workplace
    • Remote sensors
    • Traffic-monitoring
    • B2C service model (online access to businesses' products and services)
    • AaaS IoT cloud services
  • E-commerce is the sale of goods and services on the Internet.
  • E-commerce supports 2 business models: B2C and B2B
  • B2C is an online storefront where customers can purchase goods and services directly from a website
  • B2B online systems are built with links for conducting sales with other businesses
  • E-commerce systems demand strict CIA controls for compliance with PCI DSS standards to ensure privacy and protection of customer data
  • Challenges with conducting business on the web include:
    • Growing a business through the Internet
    • Transitioning from an existing business to e-business
    • Building secure and available websites/e-commerce portals
    • Implementing a web-enabled customer service strategy
    • Finding new customers with online marketing
  • An e-business strategy involves changing business functions and operations into web-enabled applications, including marketing and selling goods/services on the internet
  • Elements of an e-business strategy include:
    • E-commerce solution, such as an online catalog for purchasing goods
    • Internet marketing strategy
    • E-customer service-delivery strategy (online customer service)
    • Payment and credit card processing that must be encrypted
  • Businesses must have an internet and IoT marketing strategy:
    • To remain competitive
    • Because the brick-and-mortar model is out of date in the global market
    • To supply continuous access to information, products, and services to customers
  • As businesses shift to the Internet, they increase their exposure to online risks, threats, and vulnerabilities.
  • Security controls companies must implement:
    • secure front-end and backend systems
    • secure web-applications
    • the encryption of customer data
  • Issues with mobile computing:
    • network speed
    • usability
    • security
  • Growing use of personal devices (BYOD) in the workplace has lower price and operation costs. However, the nature of BYOD can open door to security issues.
  • Security Issues with IoT devices:
    • deployed in large quantities; an outage could impact many endpoints if attacked
    • ubiquitous and can have wide reach into the user or household population
    • lack of maintenance or updates allow vulnerabilities
    • upgrades can be difficult to distribute and deploy
    • typically do not provide owner or user internal visibility/knowledge of how a device works
    • usually not physically secure
    • environmental IoT devices capture readings and measurements in the open
  • Privacy challenges that must be addressed by manufacturers and defined in the right-of-use and software End-User Licensing Agreement (EULA) include:

    • Privacy policy statement – actual legal definition of user's privacy rights
    • Definition of data, metadata, or analytical data use and rights
    • Ability for a user to provide consent to a manufacturer’s or application service provider’s privacy policy statement
    • Determine the domain of privacy
  • Questions to answer in addition to privacy issues:
    • How do we address the data source and the data collectors’ rights and use of data?
    • Is there a happy medium that includes de-identification of private data, with no ability to link that data to a person?
    • How will an individual or business even know what a good privacy posture or preference is?
    • Will current social contexts and acceptable behavior extend to the IoT?
    • Can we develop privacy by design (with a set of core requirements) and implement a standard of privacy for all of the IoT?
  • Interoperability: the ability of computer systems or software to exchange and make use of information
  • The goal of manufacturers is to bring down the cost of IoT devices and supporting applications so they are affordable. Interoperability drives down the cost of IoT implementation, and thus has significant financial impacts if not properly addressed.
  • Here are the key challenges that must be addressed with interoperability and standards:
    • Some manufacturers want to design and deploy proprietary IoT devices and solutions
    • Cost factors to implement functional, operational, technical, and security capabilities into IoT devices and applications
    • Time-to-market risk
    • Technology outdated risk
    • A void in interoperability and standards for IoT devices can create an environment of bad IoT devices
  • Privacy data is subject to the privacy laws of the state you live in and the state where the IoT hosting company is located
  • IoT vendors or solutions providers must follow security control requirements and data protection laws
  • Current liability laws and protection may or may not cover IoT devices connected to the public Internet
  • Questions to consider about data collection:
    • Who is collecting the data?
    • Who is collecting behavior patterns?
    • Are they selling this data?
    • Do they have the right to sell it?
    • Is there liability associated with the data?
  • With regulatory compliance, we are concerned about properly handling and protecting sensitive data and ensuring its confidentiality.
  • IoT can bring e-commerce and economic development for countries:
    • Infrastructure resources – communication infrastructure and internet network are needed
    • Foundational investments
    • Technical and industrial development
    • Policy and regulatory definitions