Right-sizing M2M security: The best protection is security tailored to your application

Olivier Beaujard

(Blog) — As the volume of M2M devices and data increases, so do the associated security risks. The question, says Olivier Beaujard (pictured), is what should enterprises using machine-to-machine communications (M2M) and OEMs developing M2M solutions be doing now to protect their applications and secure the data centre?

The obvious answer may seem to be ‘everything they can’, but in practice the goal for an M2M application should not be to provide the ‘most’ security. It should be to provide the right level of security for that specific device and application. This is because the above question is more complicated than it may seem.

The phrase ‘M2M application’ encompasses a full ecosystem that extends beyond the device itself, including the cellular network, M2M cloud management platform and back-end enterprise application, all of which have unique security considerations. Even on the M2M device itself, security is not straightforward. Most M2M devices don’t have a full operating system or enough processing power to support or run advanced security software.

Is the answer then to build every M2M device with a full operating system? No, the smartest M2M security is that which is tailored for the specific application.

To do this, one needs to understand three essential truths about security:

  • Ensuring the right level of security is always necessary: No enterprise would deploy a system that afforded free reign for attackers, and no legitimate M2M vendor in the marketplace today would build one
  • No system can ever be 100% secure: Security must align with the expected lifetime of the solution. It should be secure enough for the threats faced today, but upgradable to defend against future threats
  • Security always means constraints: The more security a system employs, the higher the costs to build and operate it, the more usability will suffer and the more restricted it will be in the features it can support. Ultimately, too much security can be just as problematic as too little.

 

A secure M2M application must protect the transmission of private and confidential data. This involves data encryption and secure transmission technologies across multiple segments of the M2M application – between deployed devices, the M2M cloud management platform and the enterprise application. Moreover, securing M2M apps requires robust authentication and fault tolerance mechanisms that provide effective protection against malware and ensure resilience of the M2M ecosystem.

Finally, to maintain security in a constantly evolving environment, enterprises and OEMs must be able to update M2M devices and applications quickly and remotely, across thousands or millions of deployed devices.

Today the risk is relatively low, as M2M has not reached the kind of critical mass that attracts significant attention from hackers. That being said, M2M is very quickly growing, and given the widening scope of information being collected through M2M systems, ensuring it is properly secured is a key consideration in any implementation project. Any enterprise or OEM can achieve the ‘right’ level of security for its M2M application, both today and for the future. The key is to work with vendors that understand not just security, but have deep expertise and extensive field experience in M2M itself.

The blog’s author is Olivier Beaujard, vice-president of Market Development at Sierra Wireless.

 

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Scality’s 2022 forecast: Storage solutions get AI/MLOps upgrade, enhanced ransomware protection

Posted on: December 8, 2021

London, UK. 7 December 2021 – Scality announced its data storage predictions for 2022, coming off a year when ransomware attacks have exploded, skills shortages remain, and cloud adoption continues. This year’s forecast homes in on how storage solutions will evolve to meet these challenges and how emerging technologies will impact the data storage landscape.

Read more

Virtana free tier offering lets enterprises experience simplified hybrid cloud optimisation at no cost

Posted on: December 8, 2021

Virtana announced the immediate availability of a free version of Virtana Optimize, its cloud optimisation solution. The Free Tier offering complements the Premium version of Virtana Optimize, allowing for frictionless customer adoption.

Read more