By the year 2020, the number of connected devices is expected to cross 20 billion. There will be billions of sensors gathering a huge amount of data and transferring it to the cloud or relaying it to other devices. This also means that there are multiple points of attack, and an effective security pathway becomes paramount.
Significant reengineering has to be done to optimise and adapt the current security controls that work for IT networks to make them suitable for the complex embedded applications of IoT. A few ways IoT devices can be made secure are:
- A Trusted Platform Module (TPM) is a dedicated microprocessor that integrates cryptographic keys into devices to uniquely identify and authenticate them. This prevents hackers from compromising and impersonating a device to gain access, because each device has its own identifier that is encrypted by the keys. The TPM used must be completely trustworthy.
- A Trusted Network Connect (TNC) standard must be used to check for malicious software or firmware. This prevents uploading of spyware or other malicious software to the network or other devices.
- A Mandatory Access Control system limits access to certain functions or files on a device for a given user. Layered security can limit the damage a hacker can do once a device is hacked. Sensitive information does not leak from a hacked device since this will act as a choke point.
- If a read-only option is used for data on a device, it will hamper the hacker’s efforts to tamper with the data. Data must be encrypted when it is stored on a device or in transit.
- IoT devices and systems are often integrated with legacy machines that were not built to be secure. We need industrial control systems that can segment that legacy hardware from other systems and secure communications between them with encryption. If a hacker has already infiltrated the network of a connected factory, the above should prevent him from taking control of the machinery on the assembly line.
Security must be considered at the earliest phases of development, particularly in the design phase. Processes like threat modelling can help engineering teams adapt their prototypes to mitigate relevant risks. Beyond the design phase, it’s crucial that security is integrated into all the other key ‘touch points’ along the development lifecycle. Some of them include secure code review and static analysis after code completion milestones, and penetration testing during the Quality Assurance phase and, if possible, before releasing to production. The product design engineers need to be constantly aware of security considerations; however, it is even more vital that they remain vigilant about the security implications of third-party software being used in the system.
Given the enormous amount of data collected by the connected devices, there is a need to anonymise or minimise the data retained. This requires the development of policies and practices that impose reasonable limits on the collection and retention of consumer data by organisations. For instance, maintaining only truncated credit card information or anonymising data maintained on the device or company’s network systems can help to minimise exposure in the event of a security breach. Only data that is necessary for a business purpose or device functionality should be collected. In addition, companies should ensure that all representations concerning the security of the device or how information is secured are accurate, up-to-date and substantiated. This can include representations in consumer-facing documents, such as privacy policies, customer agreements, product user guides, or advertising materials.
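The retention limits described above can be enforced in code at the point where a device record is stored. The following is an added example, not code from the original article: the field names, the allowlist, the key and the sample record are all constructed assumptions, and the keyed hash gives pseudonymisation (stable but not reversible without the key) rather than full anonymisation.

```python
import hashlib
import hmac
import re

# Assumption: the only fields this hypothetical backend needs to retain.
ALLOWED_FIELDS = {"device_id", "timestamp", "temperature_c", "card_number"}
# Assumption: a secret held server-side (e.g. in a key vault), never stored with the data.
PSEUDONYM_KEY = b"constructed-demo-key"

def truncate_pan(pan: str) -> str:
    """Mask a payment card number, keeping only the last four digits."""
    digits = re.sub(r"\D", "", pan)
    if not 12 <= len(digits) <= 19:
        raise ValueError("not a plausible card number")
    return "*" * (len(digits) - 4) + digits[-4:]

def pseudonymise(value: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Keyed hash of an identifier.

    A plain SHA-256 of a low-entropy value such as a MAC address can be
    brute-forced from a leaked database; an HMAC cannot without the key.
    """
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]

def minimise(record: dict) -> dict:
    """Return the only form of the record that should reach storage."""
    # Drop everything that is not explicitly needed (allowlist, not denylist).
    kept = {k: v for k, v in record.items() if k in ALLOWED_FIELDS}
    if "device_id" in kept:
        kept["device_id"] = pseudonymise(str(kept["device_id"]))
    if "card_number" in kept:
        kept["card_masked"] = truncate_pan(str(kept.pop("card_number")))
    return kept

# Constructed sample record, as a device might report it.
SAMPLE = {
    "device_id": "AA:BB:CC:00:11:22",
    "timestamp": "2020-01-01T00:00:00Z",
    "temperature_c": 21.5,
    "card_number": "4111 1111 1111 1111",
    "owner_email": "user@example.com",   # not needed, so never retained
    "gps": (51.5, -0.12),                # not needed, so never retained
}

if __name__ == "__main__":
    print(minimise(SAMPLE))
```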
Deciding what constitutes reasonable security for a given device will depend on a number of factors, including the amount and sensitivity of data collected and associated costs of remedying any vulnerabilities. Companies should ensure that they implement administrative, technical and physical safeguards based on the company size and the nature and scope of data collected. These controls should be tested and monitored on a periodic basis and with respect to new updates and features that will be added to the device. One of the most difficult problems to solve is physical security, where the aim is to ensure there is just the right amount of security. The acceptable level of risk for many OEMs includes only their own device being compromised; if someone can crack open a device and compromise every device, that represents a major problem. A network-centric approach to security powered by machine learning is well-suited to keeping IoT devices from becoming the starting point for malicious activity.