Approximately 80 percent of IoT device users in the United States, in the UK, and in Canada do not trust their IoT devices to ensure their security and privacy, a survey carried out by BlackBerry has revealed.
The survey also revealed that consumers in these three countries are more likely to purchase new IoT devices from companies that have a strong reputation for data security and privacy. This suggests that even though increasing consumer demand is fueling an explosive growth of the IoT devices industry, companies whose devices are either insecure or feature vulnerabilities could suffer major losses in the coming days.
In order to address increasing calls from consumers for more secure IoT products, BlackBerry said it is launching new BlackBerry Secure feature packs which IoT device manufacturers can integrate with their future products without having to develop the technology and deep cybersecurity expertise internally.
"2019 will be the year consumers will begin to vote with their wallets and seek out products that promise a higher level of security and data privacy. IoT device manufacturers can address security and privacy concerns head-on and stand out in the cluttered IoT space by bringing to market ultra-secure products that consumers, retailers, and enterprises want to buy and use," said Alex Thurber, SVP and General Manager of Mobility Solutions at BlackBerry.
"This new service is a pivotal point in the company’s software licensing strategy and underscores BlackBerry’s evolution from providing the most secure smartphones to delivering the trusted security for all smart ‘things’," he added.
Consumers' reliance on IoT devices at an all-time low
The findings of BlackBerry's survey is much in sync with the findings of a survey carried out by Allot Communications in October which revealed that half of IoT device users were aware of inherent security weaknesses in their devices and only 20% of consumers were satisfied with the built-in security of connected devices.
While 28 percent of those surveyed expressed concern about the loss of privacy as a result of weaknesses in IoT device security, 26 percent were concerned about over-reliance on technology, and 22 percent were concerned about suffering cyber-attacks.
To address their concerns, the survey also revealed that 66 percent of households with one to ten IoT devices in their homes are willing to pay an average of $4.90 as monthly fee to secure their IoT devices while 84 percent of households with more than ten devices are willing to pay $6.16 as monthly fee for the same purpose.
However, only 22 percent of such consumers are willing to purchase security services from their ISPs, with a majority of them opting for either of three leading consumer security brands. Allot Communications opined that ISPs can play a major role in securing home IoT devices as they are uniquely positioned to gain a market footprint by leveraging their existing, direct relationships with their subscribers and taking advantage of their physical presence in the home as the provider of CPE.
New feature packs for IoT devices from BlackBerry
From now onwards, IoT device manufacturers can choose from three BlackBerry Secure feature packs as per their product types and specific security needs. The BlackBerry Secure Enablement Feature Pack offers secure manufacturing and product lifecycle management features, such as a manufacturing station that provides a hardware Root of Trust and is connected to the company’s Network Operation Centre.
The BlackBerry Secure Foundations Feature Pack locks down software being executed with Secure Boot and ARM Trustzone technology to securely generate, use and store encryption keys used for various software operations, and also generates real-time ‘health’ reports that can be accessed by users and trusted third-party applications.
Lastly, the BlackBerry Secure Enterprise Feature Pack offers extended device management policies to control what can be accessed via device debug interfaces, communication protocols (Bluetooth, NFC), and radios (cellular, WIFI, GPS) and is also able to set policies which add baseline security for certifications such as FIPS.