Talking about security from the perspective of the Internet of Things (IoT), it is worth noting that fool-proof measures to thwart privacy also go beyond the industrial scheme of things and have huge potential for improvisation from the societal point of view.
Now, with business-to-consumer (B2C) segment being the focal point, Rahul R of ElectronicsForYou chose to shed light on an unconventional aspect which is cyber-security in smart retailing.
In this regard, Rahul R spoke to Kaustubha Parkhi – principal analyst at Insight Research to understand the threats plaguing modern smart retail sector.
Q. Speaking from the smart retail point of view, what are the digital threats that retail owners and customers are likely to face?
Q. At this juncture, it is worth understanding that both the physical as well as electronic storefronts are directly or indirectly vulnerable to security threats due to the IoT architecture. The traditional retail and logistics have been the earliest adapters of smart aspects viz sensors, IoT, and machine-machine technology. This is because IoT helps conventional retailers to manage resource-intensive, populous and mobile aspects such as inventory.
Now, the level of security risk increases as these retail stores integrate peripheral aspects such as humidity, ventilation and air-conditioning (HVAC) with their conventional network. The security yardsticks, such as authentication, access verification, and authorisation with respect to IoT-enabled devices are sometimes not followed. The attack on a major North American retailer’s credit card database due to an alleged breach in such peripheral login credentials is a case in point.
Electronic storefronts are extremely attractive targets for hackers due to the visibility offered and the volume of commerce involved. While eStores are vulnerable to all attacks and threats that plague ordinary websites & web resources, the operational disruption and the loss of reputation caused by the attacks is more acute.
Q. Since you stress the fact that retail stores are attractive targets for cyber criminals, how should engineers go about buildings solutions for smart retail?
Q. Retail can be counted among the more mature IoT markets, with extensive deployment of Big Data and analytics, to make sense of the transaction volume Engineers need to leverage this intelligence. IoT engineers and service providers should be vigilance and emphasize on quick capture and troubleshooting of deviations.
Engineers and designers need to be clear about what they expect from IoT. IoT adds value when manual inspection and monitoring becomes cumbersome. In general, it makes sense to invest in IoT when there is large inventory, multiple stores and remote monitoring involved.
Q. In line with your response above, any easy tools that you can recommend to embedded and database engineers?
A. At the embedded device level, security designers are constrained by the limited resources available for implementing adequate device-level security. Engineers should concentrate on fortifying the perimeters of their databases. As IoT-enabled retail data architecture gets more complex with peripheral data co-existing with core operational data, micro-segmentation of the data center will be an effective tool as well.
Q. Finally, your impressions on smart retailing in India, and underlying security.
A. I feel that smart retailing is bound to grow by leaps and bounds in India, now with an emphatic foreign direct investment (FDI) push in retail. We already have a very rapidly growing e-tail industry with investments worth billions of dollars. We should remember that our large volumes and relative low levels of awareness at the user level, make our country especially vulnerable.
Retailers need to factor these aspects while designing security in areas such as e-payments. IoT can ease numerous pain points in the retail domain. In summary, technologists should keep their eyes and ears open as major smart innovations are poised set to hit the retail sector.