Sean Ford, its Chief Marketing Officer, and Daniel Cran, its APAC Director explained any IoT device that communicates using IP (Internet Protocol) is at risk of being used as part of a botnet for Distributed Denial of Service (DDoS) attacks, spam, or even a way into the [corporate] network. It is particularly at risk from older ‘legacy’ devices.
“There is lack of definition of what IoT really is – so every connected device is relevant in a security sense,” said Cran. As every security firm will tell you IoT is the ‘next big thing’ we have to secure it. Let me tell you the security industry are not even close to solving the plethora of security issues,” he said.
LogMeIn is not so much a security company as a developer of cloud based remote PC, Mac, and Mobile device connectivity, rescue, and collaboration services.
It has been concentrating on its core business and expanding its offerings organically or by acquisition.
In 2007, London architect Usman Haque founded Pachube as a data infrastructure and community for the Internet of Things. Following the nuclear accidents in Japan in 2011, Pachube was used to interlink Geiger counters across the country to monitor the fallout. In July 2011, it was acquired by LogMeIn and renamed to Cosm that - after beta testing in May 2013 - was rebranded as Xively to become a Public Cloud for the IoT. In 2014 it acquired Ionia – a firm specialising in integrating connected objects.
Xively is largely device and operating system agnostic. Its cloud connects IoT devices and can authenticate them, lock their activities down, set up routing rules and permissions, encrypt IP traffic, and monitor for suspicious activity – good security. It can process 86 million messages per device per day and effectively quarantine IoT devices from the Internet while allowing them to use Ethernet networks, and mobile broadband back to servers. “Whether you use a physical light switch or a smartphone connected IoT device you want it to work right away – there is little latency with Xivley,” Ford said.
For example, US based Symmons Industries makes Symmons Inflow Shower – it is an IoT device and it transmits data about your shower patterns to help save water and energy. The analytics are passed back to the utility company and around 20% savings can be achieved. Imagine the markets that opens up in hotels, where water is one of their biggest costs. We joke that if this is hacked it could identify when no one is home – or extremely dirty.
Ford referred to Machina, a US research company focusing on IoT and M2M (machine to machine) that has released a raft of research on this subject. IoT growth will be spectacular over the coming years – it is estimated to have a total of US$4.3 trillion in revenue for companies that can monetise it. A recent survey of approx., 1,700 management-level respondents revealed that 21% of companies had actively started to implement IoT, 80% of which have gone DIY (do it yourself) - many of these are finding it too hard to secure and coming to Xively.
So begins an interview that educated me in a host of connectivity and collaboration issues from this ‘disruptive’ company.
The rest of the interview is paraphrased to avoid the overuse of ‘he said.”
Identity theft is a major issue – the market is expected to be $2-3 billion per annum and growing. LogMeIn felt that two party authentication was key to a safer internet so on 9 October, 2015 acquired LastPass – a ‘freemium’ password management service. Users passwords are protected by a master password and stored in both a cloud based vault and on the local device. It also has password generation and an automated form filler.
Good password management, storage and hygiene is essential as it will prevent most identity theft issues. It also prevents poor selection and overuse of the same passwords – literally dozens of passwords to connect to Google/Microsoft/Android accounts, social media, routers, work computers, networks and much more. LastPass is available free to home users – it may nag you to upgrade to Premium – and enterprise users can purchase site licenses.
After the interview I installed the free version and was staggered at the number of unsecured passwords it found on a very new PC.
We spoke briefly about its Rescue product that allows a technician to tack control of a computing device to analyse and hopefully fix it. It has been improved with Rescue Lens and BoldChat that allows a web cam to be used to provide live interactive support. Most of the major players – Microsoft, Vodafone, Geek Squad etc., use it for support.
Another product causing ‘waves of disruption’ was join.me video conferencing and collaboration. While it is up against the big players like Cisco WebEx and GoToMeeting its main difference is that it does not require a viewer download and has most, if not all the features. It is free to consumers and there are Pro and Enterprise versions at a cost. Ford said that the secret is simplicity – instant online meetings, no viewer downloads, mobile capable, shares desktops and much more.
Both Ford and Cran summarised.
Every company will need to be ‘connected’. IoT alone will create a huge volume of data, that data needs to be analysed and comprehended, and decision made. Xively is the key to that.
Collaboration is important as millennials want more work/life balance and work from anywhere, anytime on any device. They need transparent, seamless integration. join.me will do that easily from most devices.
Identity security is the key and two factor authentication and strong passwords are a good start. LastPass is a great solution.