Two stories last week illustrate the security risks of having a connected lifestyle. Forbes magazine tells in separate pieces how modern car systems can be overriden and how smart-homes can be hacked.
Smart-home system security is a particular interest of mine, for a while I was involved in a home automation business, but I found the industry’s cavalier attitude towards keeping clients’ systems secure was unacceptable.
The real concern with all of these stories is how designers and suppliers aren’t taking security seriously. In trading customer safety for convenience, they create serious safety risks for those using these systems. It’s as if nothing has been learned from the Stuxnet worm.
A decade ago, a joke went around about what if General Motors made cars like Microsoft designed Windows. Like all good stories, it had a lot of truth to it. Basically, the software industry doesn’t do security particularly well; there are developers and vendors who treat security as a basic foundation for their work, but they are the exception rather than the rule.
That may well be a generational thing as today’s young developers and future managers are more aware of the risks of substandard security in the age of the internet.
Rather than seeing security as something that is bolted on to a product when problems arise, this generation of coders have to treat security as one of the fundamental foundations of a new system.
What is clear though is that the builders of critical systems are going to have to take security far more seriously as embedded computers connected to the internet of machines become commonplace in our lives.
For businesses, we have to think about the vulnerabilities in our systems and understand exactly where the risks are as processes become increasingly automated and dependent upon computers.
Paul Wallbank‘s latest book, eBu$iness, Seven Steps to Online Success, shows how business can get online quickly and cost effectively using web 2.0, cloud computing, social media and e-commerce tools.