IoT Security: Preparing for the Expected
If you follow technology or human nature, or have ever gone to a parent-teacher meeting, you know how rarely people agree. Yet with global spending on the Internet of Things (IoT) already measured in the billions, we see near unanimity on the following points:
- IoT’s potential is enormous. Capturing and acting on data will unlock tremendous value.
- IoT devices will soon number in the tens of billions.
- Interoperability among devices, networks, and cloud services will be key to unlocking future value as IIoT adoption deepens. Each successive generation of adoption will need to work securely with all that has preceded it and all that will come after.
- Security is a considerable challenge, will likely become more so, and is, in fact, the single biggest adoption roadblock.
Gartner’s recent CEB IoT Security survey found that “73% of IT professionals collaborate less than once a month with the device procurement team.”
And that “this lack of communication leads to devices being purchased without any security overview, which can lead to the devices not functioning as desired and getting hacked.”
IoT is going forward with too many organizations in critical need of a sustainable security strategy.
Time to Freshen up your IoT Deployments
For all the benefits they provide, IoT devices are easy targets for hackers. Want to know how easy? Recently a 12-year-old boy hacked thousands of devices in just minutes using commonly available hacking tools. Extending IoT throughout an enterprise needn’t expose and weaken enterprise security. As a first approximation, IoT can be understood as an enterprise’s potential Achilles’ heel, except that in just a few years there will be billions of heels pushing and pulling data to the far corners of the internet.
Big Challenges are Tough to Overcome Alone
Security needn’t be a burden to carry alone. Atos uses the Lightweight Machine to Machine (LwM2M) standard to extend HSM to IoT devices, offering device authentication and data encryption services.
Indeed, “Horus HSM by Atos is suitable for all industrial sectors” as “it complies with the latest IoT security protocols such as LwM2M 1.1, OSCORE for machine-to-machine communications, and device management in industrial IoT,” says David Leporini, IoT Security Director at Atos.
Interoperability is another parameter to consider. IoT requires devices to securely share and send data between systems, into the cloud and back. Today, doing this is a security challenge for many organizations, and the challenge will only grow as tomorrow’s IoT environment becomes even more dynamic.
“As the IoT evolves, the need for standardization is becoming more critical, and partnership development to build trusted IoT ecosystems is key to developing strong, sustainable IoT offerings,” says David Leporini, IoT Security Director at Atos.
The key to assuring secure interoperability in a world where tomorrow’s IIoT needs are unknown will be leveraging open standards like OSCORE LwM2M 1.1.
OSCORE LwM2M 1.1: Foundational Services for Sustainable IIoT
The LwM2M standard, dedicated to resource-constrained devices, was developed with essential security features in mind. Based on the Constrained Application Protocol (CoAP), LwM2M uses the TLS protocol on TCP/IP networks and the DTLS protocol on datagram networks; both are specially designed to protect messages from being intercepted, modified, and falsified.
“These protocols are a standard within the IoT world,” says David Navarro, CPO & co-founder of IoTerop and Wakaama Principal Maintainer. “They ensure that device authentication is used before a new sensor’s admission onto the IoT network and communications between all the IoT elements are secure (thanks to cryptology mechanisms) using light but powerful cryptographic algorithms,” he adds.
Also, it is essential to note that DTLS has little impact in terms of computing power and memory as it was designed specifically for constrained devices.
“LwM2M offers a dynamic way to handle security across the overall IoT device’s life cycle: security keys can be provisioned automatically and remotely (bootstrap server) at device initialization time, they can be changed over-the-air at any time, and the device itself can be ‘locked and wiped’ if it appears to be compromised,” says Hatem Oueslati, IoTerop’s CEO.
Combining LwM2M and HSM technologies, including security key generation, exchange, and integrity checks, helps IoT device makers and solution vendors reduce significant hurdles. The newer LwM2M 1.1 version includes OSCORE and adds support for TCP. Both DTLS and TLS can now be used to secure communications. OSCORE is a significant improvement for constrained networks, securing data at the application level. It improves security while reducing the energy and network resources needed to secure IoT solutions on networks (e.g., NB-IoT and other LPWANs).
Contact IoTerop to learn more.