The Internet of Things (IoT) is very crowded.
Connected devices outnumber people. The United Nations estimates the current world population at 7.6 billion1, and Gartner projects over 20.8 billion devices will be connected to the Internet by 20202. Connected things are what make the IoT – sensors, cameras, wearable electronics, medical devices, automatic controls. They all must have unique identifiers and the ability to collect and transfer data over networks to enable monitoring, surveillance, and execution of decisions based on the collected data with little or no human intervention. The use of IoT technologies holds enormous potential in practically every segment of human enterprise – government, banking and finance, healthcare, retail, agriculture, and ecommerce to name a few. But making the IoT work requires trust in the devices and the data they collect.
In this blog, and in one by my colleague Julie Lassabliere from Safelayer Secure Communications, we explore the need for trusted device identification and data integrity in the IoT. I will focus on how to ensure the devices connected to your network are legitimate and who they say they are. I also will discuss the mechanisms needed to enable the fundamental security framework required to make the IoT trustworthy. Read Julie’s blog “Roadmap for the Data Gold Rush: Maintaining Qualitative Data in the IoT Environment” to get the complete picture of this important topic and learn more about the public key infrastructure (PKI) required to make device credentialing and data encryption mechanisms possible.
Maintaining the privacy of sensitive data is imperative in most industries. As I often highlight in my blogs, data breaches have become all too common, and these continue to have a negative influence on corporate reputation and brand image, resulting in reduced market value and revenues. Moreover, increasingly strict regulations such as the EU’s General Data Protection (GDPR) and the US Health Insurance Portability and Accountability Act (HIPAA), among others, have added the potential for significant fines to make data privacy and security a top priority for many businesses.
The IoT is not making the job of securing networks any easier. Connected devices create more distributed latent points of entry into private networks, and this provides hackers with more potential attack vectors to exploit.
Threats and Vulnerabilities
Three major problems need to be addressed to ensure trust and facilitate the adoption of IoT. These are:
- Enabling strong mutual authentication between connected devices and applications. This is critical to ensure that only legitimate and authorized devices form part of the enterprise-networked ecosystem. If unauthorized rogue devices infiltrate the ecosystem, they can cause severe disruptions.
- Protecting the integrity and confidentiality of data collected by all connected devices. Once you are confident that all your connected devices are legitimate and authorized to be part of your network, you must then ensure the integrity and confidentiality of the data they collect as it flows from source to destination. Depending on your industry, data confidentiality might be required to meet privacy mandates, but even if the data collected has no ties to an individual person, its integrity is still critical given your system will be making decisions based on the collected information. If one cannot trust the integrity of this data, it is pointless to make decisions based on it.
- Preserving the legitimacy and integrity of code downloaded to devices and applications. The third, and often overlooked, component of IoT security is ensuring that, as devices and applications download software as part of their lifecycle, the legitimacy and integrity of that code is preserved. Devices and applications are regularly updated, often automatically, so the potential for these updates to be used as a conduit to introduce viruses or damaging malware to the otherwise protected ecosystem must be addressed.
Securing your IoT journey
PKIs include hardware, software, policies, procedures, and processes that provide a mechanism to securely manage digital identities. Enterprises deploy PKIs to manage the identities of individuals and devices, and to control access to network resources. The ever expanding IoT is fueling the need for new and upgraded PKI deployments.
Employing asymmetric cryptography, PKIs manage the key pairs used for signing and encrypting data. PKI solutions provide the technology needed to secure growing IoT deployments. Correctly configured PKIs address the IoT device and code identity, integrity, and data protection problems, but they require hardening to reinforce protection against advanced attacks. A root of trust that sets and enforces the policy for the protection of underpinning keys is therefore needed.
Signing keys, generated and used by the PKI to seal the integrity of validation certificates and code, and private keys, used to unlock data and secrets, must be protected at all times to ensure the trustworthiness of the PKI and the system it supports. If these critical keys are compromised, certificates and encrypted data are at risk.
This is why many government and industry data security regulations and mandates call for a root of trust using certified hardware security modules (HSMs). Cryptographic keys handled outside the protected boundary of an HSM can be significantly more vulnerable to attacks. As best practice, the use of HSMs is recognized as the only proven and auditable way to secure valuable cryptographic material. Enterprises deploy HSMs with their PKIs to protect signing keys and private keys in a dedicated and certified environment that is segregated from the rest of the network. The use of certified HSM enhances security and facilitates auditing and regulatory compliance.