Securing IoT Device-to-Cloud Communications

bigstock--187654582.jpg

According to IDC, global public cloud spending is expected to exceed $203 billion by 2020. As enterprises make the transition to digital, they perceive the cloud as an enabler of modernization and provider of competitive advantages such as cost savings, scalability, and agility.

One of the key drivers of cloud growth is the Internet of Things (IoT). The IoT, coupled with cloud computing and cloud-based analytics, enables manufacturers and IoT companies to improve automation, asset performance monitoring, predictive analytics, and new service creation. It also provides cloud providers with new revenue streams such as cloud storage, cloud-powered IoT computing, and managed service.

However, the marriage between IoT and cloud introduces serious security threats and risks, demonstrated by the often publicized IoT-initiated DDoS attack in October 2016 or the many other attacks in just the last year. Cloud providers should proactively identify and fill security gaps to avoid reputational and financial risks. Companies using the cloud and IoT should consider the following to manage their risk and costs.

Harden IoT devices. IoT-enabled devices need to be hardened with strong cryptography to prevent hijacking by hackers and criminals. Because IoT devices are resource constrained, when it comes to processing power and memory, security solutions must enable devices to defend themselves from cyber attacks in such a way that is optimized for performance with a minimal software footprint. Don't count on layered network security to protect IoT devices that can be physically compromised

Use device authentication. Don't rely on password only authentication or role-based access controls. These approaches are easy for hackers to compromise. Use digital certificates and private keys hidden in firmware or hardware to ensure a high level of authentication assurance. Enterprises and industrial manufacturers should implement strong security solutions to connect their devices to any cloud providers platform.

Don't rely on open source SSL software. There are numerous challenges in depending on open source security software. Read about the dangers of using OpenSSL.

 

A Trusted Solution for IoT Security

Mocana provides mission-critical security solutions for embedded systems, the cloud, and the Internet of Things. Mocana’s IoT Trust Platform is comprised of IoT endpoint security software software that can be cembedded into endpoints, gateways, and cloud servers.

Learn more about our IoT Trust Platform.