One of the fundamental principles to security is applying the right security to the right places within the system according to the risk and value of the asset. As we continue to develop connected solutions that reside in physical devices, traditional or new, the threat surface continues to expand. This places security as one of the foundational elements to enabling the IoT and making a meaningful impact on social and environmental causes.
Playing a role in consortiums, alliances, and standards bodies is a primary opportunity to influence good security practices. There are three ways that taking a conscious approach to security can directly impact sustainability.
The first is around the reduction of electronic waste. Electronic waste doesn’t often get highlighted as a significant environmental concern, but it is an area of great opportunity. Today, it is very costly to recycle electronic waste, even when it is disposed of properly. Finding better ways to recycle e-waste is needed, but the right security solution can help reduce the overall amount of waste generated. This can be done by extending the usable life of products and developing hardware platforms that allow for software-defined solutions. Incorporating security subsystems that enable both approaches can result in the reduction of electronic waste by lengthening hardware life cycles and providing methods to leverage second life solutions.
The reduction of operational waste is another way security can impact sustainability. Defining security standards for IoT applications that are light in size can reduce the overall size and power of the device. It is common to take a data center approach to defining edge device interfaces by specifying the security requirements to include more than the necessary algorithms and additional interfaces. There is an opportunity to specify only the minimal number of interfaces and cryptographic processes to reduce the overall product size.
Security also has a big social impact by ensuring safe operation, safeguarding user privacy, and making security intuitive and easy, both for the end user and development teams. Most people are not security experts and do not understand the implication of security configurations and settings. Finding ways to seamlessly incorporate security from a user perspective has a significant impact on their general well-being.