Russia’s iPhone ban and the digital supply chain

Russia’s Kremlin ordered officials to stop using iPhones, apparently over concerns the devices could be vulnerable to Western intelligence agencies, Reuters reports. When surveillance-as-a-service firms sit exposed for brazenly undermining device security, it’s hard to think there isn’t an argument there. But the bigger story isn’t the harm to Apple’s small business in Russia, it’s the threat to digital supply chains it shows.

Having spent years attempting to build robust physical supply chains, it would be easy to imagine things should get better. But a new threat to business is emerging as digital supply chains struggle in the face of political fragmentation.

This was part of the discussion at Mobile World Congress in 2023, according to Orange Business CEO Aliette Mousnier-Lompré. She wrote: “I was struck by general worries of pretty much everyone I have spoken to around what the world politics can mean in terms of fragmentation of the digital supply chains.”

That fragmentation isn’t solely represented by smartphone tribalism in Moscow. It won’t simply see nation states invest in new operating systems designed to protect state assets. It is unlikely to cease with dystopian control over internet content or data protection. It could conceivably extend to damaging the standards that form the foundation of all the tech we use.

We already see traces of this.

Think about the dozens of smart home standards that are only now attempting to coalesce inside the Matter smart device standard. Think, too, of the three flavors of 5G that exist. In the context of our times, these represent the thin end of a threatening wedge.

Predicting the impact of such a threat is far from easy: but if you’ve ever lost data after plugging your device into a public USB power outlet, you’ll probably have some idea of what’s at stake. How long will it remain an open secret that C-class execs sometimes throw away their smartphone after visiting some places because they think it likely they’ve been hacked?

While there are always multiple threats, two primary threats to digital supply chains exist.

That same mentality can easily extend to the deliberate confection of security failings within open-source components to the standards so much of our technology uses.

The consequences of these threats could be profound:

Not only these, but as digital is now embedded within every business process, threats to digital supply chains may impact every industry, generating additional consequences and potentially threatening national security.

Think about it. In today’s digital business environment, the “services” category is something much bigger than Ted Lasso and Apple Music; it also encompasses myriads of complex cloud services cunningly crafted for specific business use. Such services must work well together, be available across multiple platforms, and need to be security first.

That need certainly extends to artificial intelligence — why would any company want to depend on a business AI that isn’t transparent concerning what happens to data entered into the system? Where do those questions go when asked, and who has access to them?

As always, security remains a primary consideration. On-site and off-site backups become critical. A business must spend time considering data sovereignty, particularly around use of cloud services. Knowing where a server is situated isn’t solely important to stay on the right side of GDPR rules, it’s also about ensuring a business knows where that data goes across its entire journey. And where it might leak.

Redundancy also matters, and in the context of unstable digital systems, it makes sense for enterprise leaders to consider how to build more resilient digital connections, perhaps using private 5G networks or leased physical connections to form resilient backbones.

But ultimately tech firms including Apple, business leaders, and politicians need to consider the consequences of the decisions they make on interoperability. Because if interoperability between standards, platforms, and systems is not maintained, the digital glue driving the aspirations of the few who believe economic growth is even remotely possible in an environment characterized by climate collapse, political polarization, and resource scarcity will come to naught.

To save the economy, digital interoperability is critical, privacy essential and security mandatory. This extends to state-mandated backdoors and nation-state invested hacks into digital devices that should be obsessively eradicated to deny dictators such as those in the Kremlin an argument in the first place. At its simplest, in the digital world, no one is safe until all are safe.

Good luck with that.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

http://www.computerworld.com/category/security/index.rss