This doesn’t mean no thought at all is given to security. Vendors of commercial devices are aware, Mackey said, that they need to “ensure that whatever data is being collected is appropriately secured in some fashion that a consumer would be able to understand and expect.”
Within enterprises, one priority is to make sure that updates aren’t going to change a device so much that it will require things like “retraining my users how to book a conference room from the device.” But another priority is for the devices to “be managed so there is no data bleed. There are a lot of things related to privacy in an employment environment,” he said.
Embedded security can be tricky
Even if security is a priority in IoT devices, though, it can be tricky. Matt Alderman, a co-host of the webcast, noted that such devices “aren’t running traditional operating systems in most cases. We’re talking truly embedded firmware systems, and that has a whole different nuance from the security perspective, because we can’t take our traditional OS-based approaches and wrap some security around them,” he said.