Addressing key IoT security concerns for manufacturers

Lancen LaChance, vice president IoT Solutions, GlobalSign

The potential of the Internet of Things is no secret: Gartner predicts 20.8 billion things will be connected by 2020. Others say that number could be as high as 50 billion. But connecting technologies in new ways and deploying them in new cyber-physical environments creates countless new security threats.

A recent 2015 cybersecurity report from AT&T noted a 458% increase in IoT vulnerability scans of devices, says Lancen LaChance of GlobalSign. We can see here that IoT devices extend the attack area in an ecosystem. To compound the concern, trends are also increasing for providers to leverage software-based mechanisms to enable features of their devices, leading to the question: How do you prevent counterfeiting and piracy of your product?

At the same time, IoT products are on the development fast track and manufacturers are rushing to create exciting new smart devices with user experience in mind, not necessarily security. So, what is the best approach for manufacturers to integrate security into their products from the outset? To help answer that, let’s first take a look at three security concerns that IoT developers need to address; authentication, privacy and integrity.

Authentication

The purpose of authentication is to prove that all entities are who (or what) they say they are. This ensures communications are delivered only to the intended recipient and that the recipient knows with certainty where the communication came from. In terms of IoT, authentication from devices to cloud services, users to devices, things to things, and in fact any entity to any other entity are all possible scenarios.

Privacy

There are a myriad of devices connecting to the IoT collecting sensitive data. IoT devices pose a threat to user privacy if manufacturers and service providers don’t include sufficient protections. It is critical for device manufacturers to ensure that information intended for a particular recipient cannot be intercepted and read by anyone (or anything) else. Enabling encryption is essential to ensuring privacy in the IoT.

Data integrity

Security technology can be used in IoT to protect the integrity of data by certifying the message sent to the recipient has not been changed or altered, either accidentally or maliciously. Some IoT ecosystems require devices to make decisions and act independently.

In these scenarios, both the value and risk are tied to the integrity of the data. For example, consider the impact of self-driving cars or the electric grid relying on spoofed data sources – the consequences could be catastrophic.

Introducing strong security elements

You can see the security needs of IoT call for a strong, proven approach to maintain security, trust and privacy in their ecosystem.

PKI is a foundational, proven, interoperable and standards-based technology that provides key information security capabilities, including authentication, privacy, and data integrity and is easily adapted to meet the velocity, variety and volume needs of the IoT. There are a wide variety of implementation approaches to bring PKI into your solution, but some of the most reliable ways incorporate cloud based PKI with device side cryptographic hardware, like TPMs or similar.

Strong device identity image GlobalSignEnabling strong identities at the hardware level allows for protection against identity spoofing and key compromise which can endanger the whole interconnected system. If a change occurs then the entire ecosystem will know and administrators are able to respond accordingly.

It is early enough to do IoT security right

The IoT is still very much in development and is creating exciting opportunities that manufacturers are trying more than ever to leverage, but security may be outside of their core competencies. However, it is imperative that IoT manufacturers know the implications their devices have on personal and corporate security and mitigate these security concerns during the development phase.

Retrofitting security into devices already in use is difficult, costly and a burden on the users. Implementing security in the early design phase supports manufacturers’ brand integrity and gives them a unique competitive advantage by allowing them to go to market with secure devices and improve user experiences faster.

The author of this blog is Lancen LaChance, vice president of IoT Solutions at GlobalSign and can be reached at Lancen.LaChance@globalsign.com

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

RECENT ARTICLES
woman holding her finger balance with coins

Quantinuum raises US$300m in equity funding

Posted on: April 18, 2024

Honeywell has announced the closing of a US$300 million equity fundraise for Quantinuum at a pre-money valuation of US$5bn. The round is anchored by Quantinuum’s partner JPMorgan Chase, with additional participation from Mitsui, Amgen and Honeywell, which remains the company’s majority shareholder. This investment brings the total capital raised by Quantinuum since inception to approximately

Read more
close up man using smart touch screen server

ITRI and Arm launch new SystemReady Lab in Taipei to boost AIoT industry

Posted on: April 18, 2024

ITRI has established the ITRI・Arm SystemReady Lab in Taipei, in partnership with Arm. This certification centre is the fourth of its kind globally, following the ones in the United States, Europe and India. The lab combines ITRI’s R&D strengths with the Arm SystemReady compliance programme to deliver comprehensive certification services for the AIoT industry. This

Read more
FEATURED IoT STORIES
What is IoT answer

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more
iot adoption

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more
IoT Now Enterprise Buyers’ Guide Which IoT Platform 2021

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more
CAT-M1 vs NB-IoT

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more
internet of things isometric illustration of connected things

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
iot challenges and issues

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more