The question of what to do at the end of an IoT project is very rarely, if ever, asked in public. In all our years of trade shows and interviews, we have yet to hear someone discuss device recovery and recycling – an area that is of high concern in the conventional IT world. This is sort of to be expected of an early stage market, but there seems to be a risk that there could be devices storing sensitive data left out in the field once a project winds down, which risk falling into malicious hands and betraying their secrets.
This is a concern that is being pursued by Blancco Technology Group, which has been exploring the specific concerns that an IoT device might have, and how Blancco can expand to address those needs from its core business of IT and mobile asset disposal – where it provides software and appliances that securely erase devices before they are sold on to refurbishers or confined to the scrap heap.
Whether these are hard drives, server racks, or mobile phones, Blancco provides the tools needed to ensure that things like files, credentials, or encryption keys have been completely removed from a device. But for the IoT, where many devices are being treated almost as disposable assets, there seems to be a risk that adopters are going to fall afoul of new data protection regulations, such as GPDR.
Alan Bentley, Blancco’s President of Global Sales, said that the looming GPDR regulations are enough of a problem for Blancco’s core customers, never mind the newer IoT types. Bentley said it is not currently clear whether a data center or enterprise customer would now have to erase all of their devices before shipping them off to the IT Asset Disposal (ITAD) firms that have traditionally performed that function.
This can of worms, according to Bentley, will raise some interesting conversations with customers that have deployed IoT devices. Bentley noted that one of the biggest challenges in the IoT is the fragmentation in the number of operating systems used, which makes it hard to create a software tool that could address a multitude of devices.
Further complicating remote asset disposal is the fact that many IoT devices will have been deployed using batteries as power, and often a very basic processor to run the device efficiently. This is especially a concern where network usage is a key cost pressure. Consequently, many end-of-life devices won’t have the battery reserves, processing horsepower, or bandwidth, to run such remote wiping software – unless they have been deployed with the software from the factory, drawn up as part of the core design.
To the best of Riot’s knowledge, this sort of concern is not being addressed currently. For IoT devices with a target of ten-year lifetimes being deployed today, that consideration would have had to have been made a few years ago in the design process.
For the reasons mentioned above, this isn’t something you can fix after shipping either. So then it seems that over the next decade, there will be a lot of devices left out in the wild that have served their useful purpose, but that won’t be collected and recycled – because there’s no current cost incentive to do so, as they won’t have anything in the way of resale or scrap value.
That incentive could be a problem that takes regulation to fix (a hot topic in the wake of the Facebook and Cambridge Analytica revelations), but in the meantime, there are all manner of other IoT devices that are ripe targets for the likes of Blancco. Bentley says there will be a market for its services in the automotive space, but again, the variation in IVI kernels means that every car requires a slightly different approach.
To this end, Blancco is developing products that could be sold into this market, with Bentley pointing to Bluetooth pairing and the potential persistence of those accounts and settings across hire cars as a great example of an area that is going to get complicated with GPDR. Second-hand sales are another area where an automaker would want to ensure that it does not fall afoul of data regulations, and so a secure and certified tool to wipe these cars clean has real value in a world where there are threats of regulatory punishment for such infringements.
Smart home devices and smart TVs are two other opportunities for Blancco, according to Bentley. These have lower refresh cycles than cars or the oft-mentioned ten-year sensor, and so there will be a need for secure erasure – either remotely or once a device ends up in the hands of a specialist reprocessing firm.
Again, the smart home devices (such as video cameras, thermostats, or connected white goods appliances) will complicate Blancco’s development process, due to the huge potential combinations of operating systems and processors. These devices need to be secure before they are re-used in second-hand markets.
However, the threat of regulation could compel device makers to design their devices so that there is no risk of credential theft – from the moment it ships from the factory. Such a design would be a great draw for whitehat hackers, looking to show off their prowess, but if the industry can settle on an implementation that uses advanced security and encryption methods to make sure that data can’t be easily extracted from end-of-life devices, then it could cut out the likes of Blancco.
But we routinely see security reports that chronicle the latest hard-coded flaw in an IoT device, where default credentials and open networking ports have allowed easy access for the penetration testers. For businesses with SLAs to meet or regulation to comply with, the recycling firms and their associated vendors are going to continue to be vital to ensuring their end-of-life compliance.
In closing, Bentley said that the IoT represents a huge opportunity for Blancco. He said that the mobile business is exploding, and that the IoT market could follow pace. The mobile phone reprocessing market could shift easily enough to serving smart home devices, according to Bentley, but the biggest challenge for Blancco is developing a repeatable product that works on all manner of devices, and identifying the sorts of devices that have residual value and/or sensitive data on them that needs attention.