Security, policy-enforcement and encryption
Many of the use-cases considered involve health, safety or regulated industries. Some will have specific security methods which need to be adopted, such as encryption. Others will need to support a range of security functions, from identity-management and user-authentication, to anti-DDoS and firewalling.
- It may be necessary to restrict which users are allowed to communicate, or which resources they have access to
- Auditing may be essential
- Future risks around “deep fake” voice or other exploits may also need to be considered
Full compliance with local data-privacy/ retention rules
The nature of the critical and safety-related uses considered here puts a premium on compliance. Different sectors and countries will have unique – and sometimes changing – rules on privacy (for instance in healthcare settings), data-retention and recording (for instance in banking or emergency-response applications), lawful interception and so on.
In some industries, alarm events and notifications may be financially-sensitive and thus subject to rules such as MIFID II. The platform provider needs to be able to be flexible here, rather than applying a one-size-fits-all approach.
Hybrid or on-premise options
In certain environments, cloud-based solutions running on servers in distant datacentres may be inappropriate. This could be because of low-latency constraints, concerns about security and control, or intermittent/expensive connectivity.
Examples could include military bases, remote mining sites, or rail/utility asset monitoring. In this instance, containerised versions of the platform may need to be integrated, deployed and run locally. There is an overlap here with broader trends towards edge-computing.