As the adoption of Internet of Things technology solutions accelerates, so do concerns about security as the number of connected devices create more opportunity for breaches. It is not only growth that is driving an increased focus on security capabilities, but also the fact that everyday connectivity has pushed technology to offer new applications and capabilities like self-driving cars, remote monitoring of patients, drone deliveries and remote-controlled underground equipment. Internet connectivity and superior security are needed to ensure optimal performance of these.
According to Verified Market Research, the global Internet of Things market (IoT) size was valued at USD 212.1 billion in 2018 and is expected to reach USD 1,319.08 billion by 2026.
With this growth, IoT providers are expected to concentrate on security to meet the complicated challenges in the coming decade, according to a recent DZone trends report.
“Security by design and privacy by design processes are crucial in solving some of the issues faced in the IoT industry”, says Renico Koen, Senior Security Manager at IoT.nxt.
He notes that for some years IoT had a bad reputation because many consumer-grade IoT devices lacked proper security controls. “Many of these IoT devices often cannot receive updates and are running outdated firmware, as a result. Placing devices that lack proper security controls and security updates on the internet can be catastrophic,” he adds.
Today, leading IoT companies ensure that security controls are included in every logical solution layer. Despite this commitment to security, concerns around security remain.
Data security while in transit
IoT solutions are sold on the back of one fundamental benefit – the ability to see and access all ‘things’ from anywhere. This benefit precludes the worrying fact that data must travel from the ‘things’ over the internet to devices.
Unprotected data transmitted over the internet may potentially be captured and even modified by threat actors. “The IoT.nxt platform enforces the use of strong cryptography to encrypt all communications from the customer to the cloud as a standard. This ensures the confidentiality and integrity of data in transit,” Koen explains.
Older, less secure devices in manufacturing and industrial environments could be targeted by an attacker if directly exposed to the internet.
At IoT.nxt this problem is solved by the company’s smart Raptor gateways. Legacy and newer technologies can connect to the gateways, which establishes a secured communications link for sharing data with applications in the cloud or within an enterprise network. This makes it possible to utilise less secure devices without having to expose them directly to the internet.
Privacy regulations are forcing companies to re-evaluate the ways that they collect and process personal information.
IoT.nxt adheres to general privacy regulations like POPIA and GDPR. The privacy by design philosophy adopted at IoT.nxt, assures that private customer information will be handed in a way that ensures compliance with the customer consent given.
Technology companies often release software without reviewing the software for security vulnerabilities. This problem with such an approach is that software containing critical security vulnerabilities are often made available for consumption.
Penetration testing, also known as pen testing, is conducted by IoT.nxt before the software is released to ensure that vulnerabilities are identified and remediated. This helps to ensure that software released by IoT.nxt is capable of withstanding complex cyber-attacks.
As stated, one of the reasons why older IoT devices were proven to be unsecured was because of a lack of regular security updates. All IoT.nxt solutions contain mechanisms to apply the latest updates as they are released.
IoT infrastructure visibility
Monitoring plays a crucial part in the identification and management of security incidents. Having a way to obtain and process live log files obtained from IoT infrastructure helps security teams to effectively identify and respond to security events.
The IoT.nxt platform was designed with monitoring in mind. Its platform can be configured to transport log files to existing corporate Security Information and Event Management (SIEM) systems for monitoring and alerting purposes, thereby helping corporate security teams to identify and respond to threats.