The consumer mind-set has not yet moved on to understand the security threat implicit in multiple connected devices, and the concern is that waiting until the problem occurs is too late. The industry needs to work together to ensure security is designed in from the start, not provided as an afterthought.
Education has to be a joint effort from industry, governments and academic bodies, as consumers generally want convenience first and security is much further down the list, so it is our job to help.
TRP: What is the best way to secure yourself or your company against security threats in the IoT?
AS: Don't bury your head in the sand and think it won't happen to you. Weaknesses in security systems will be exploited. Look at what and who will be connecting to what and determine a security strategy based around risk.
The level of security employed has to be appropriate to the risk, but starting with the basics of who and what are connecting is a good place to begin.
TRP: Which types and sizes of organisations are best suited to MyID?
AS: MyID is an extremely scalable product, from small to medium organisations with 500+ users all the way up to major government projects with millions of users.
TRP: Who is in charge of the MyID implementation? The device manufacturer, the individual or the company?
AS: MyID can be installed on-premise for those organisations wishing to take care of managing identities in-house, and it is also provided as a managed service by a number of Intercede partners for those wishing to adopt an IaaS (Identity as a Service) model.
TRP: Where do you see MyID in terms of the wider vision for the IoT moving forward?
AS: MyID is all about creating trusted identities for people and devices. Today these tend to be for employees and machines managed by large organisations, tomorrow it will be devices capable of interacting in a secure manner – be it a health band, a car or a fridge.