IoT Security: Bringing Trust to the Internet of Things
nCipher Security’s HSMs provide a root of trust for connected devices and edge-to-cloud data protection
nCipher Security’s HSMs provide a root of trust for connected devices and edge-to-cloud data protection
Once connected devices are deployed in the field, they become attractive targets for criminal actors seeking to:
Sophisticated cybercriminals or insiders with privileged access can take advantage of unsecured manufacturing processes to produce counterfeits and clones, resulting in decreased revenues and damaged brand reputation. This is particularly relevant at remote or third-party facilities, where the device vendor has no physical presence.
Malicious actors may seek opportunities to inject unauthorized code during the manufacturing process or when device code is updated, e.g., when the manufacturer needs to update the firmware to provide additional functionality or patch a vulnerability.
IoT devices will collect large volumes of data, some of which will require protection based on sensitivity or compliance requirements. IoT data protection solutions must span edge to cloud, provide scalable encryption and key management, and not impede data analysis.
Using nShield HSMs and a supporting security application to create and protect the underlying keys, each IoT device can be manufactured with a unique, cryptographically-based identity that is authenticated when a connection to gateway or central server is attempted. With this unique ID in place, you can track each device throughout its lifecycle, communicate securely with it and prevent it from executing harmful processes. If a device exhibits unexpected behavior, you can simply revoke its privileges.
nCipher nShield HSMs, used in conjunction with security software, enable manufacturers to secure their production processes. For example, Microsemi, a leading provider of semiconductor solutions, uses nShield HSMs in combination with security software to generate unique codes that can only be decrypted by the device for which each was generated. By controlling the number of authorization codes generated, they can also limit the number of systems built.
Establishing strong authentication is just one part of the puzzle. The IoT demands large scale management and protection of digital certificates and the underlying keys, and support for multiple public key algorithms including Elliptic Curve Crypto (ECC) whose shorter key lengths and less intensive computational power are well suited to constrained IoT devices, all supported by a well-designed public key infrastructure (PKI). The accepted PKI best practice to secure your most sensitive keys and business processes is to use an HSM. Whether you work with one of our industry-leading PKI partners or tap into our Advanced Services Group’s knowledge and expertise, nCipher HSMs will provide a high-assurance, independently-certified root of trust for your PKI, regardless of complexity or scale.
Limiting access to protected systems and data to only authorized devices and users enables you to defend against many of the potential threats associated with the IoT, such as APTs and data breaches, as well as protect data confidentiality and privacy. By using cryptographically-based identification underpinned by HSMs - a recognized best practice - for authentication, and code signing to ensure authenticity and integrity of device firmware updates and patches, you can create a secure network of trusted IoT devices.
Through secure control and monitoring of geographically-dispersed devices, organizations can lower the cost of device maintenance and updates. The cost savings extend to the removal of untrusted devices; if a device exhibits unexpected behavior, instead of deploying a technician to physically inspect and take it offline, you can simply revoke its privileges remotely.
By securing the process of manufacturing devices, organizations can protect against lost revenues and brand damage resulting from the sale of unauthorized black market units. Secure connected devices also provide opportunities for new revenue streams, as companies can use their connectivity to deliver functional upgrades or to serve up premium content and services.
As the Internet of Things (IoT) becomes ever more ubiquitous, organizations need to ensure that the solution they deploy to protect their infrastructure can effectively scale to secure exponentially growing volumes of data - in compliance with evolving security regulations...Download
Polycom turns to nCipher Professional Services and nCipher HSMs to enhance VoIP Security. nCipher accelerates Polycom’s integration of digital certificates into phones....
As a manufacturer of servers, projectors, mastering and distribution technology for digital cinema, Qube Cinema saw a unique opportunity to introduce a highly disruptive technology to the market as the film industry...
The nCSE provides the training to give your people the knowledge to get the most from your investment. Getting the best from your technology requires a technology, getting the best use from it depends on how much you invest in it....
Dig deeper into nCipher solutions and examples for securing the IoT.Learn More
nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key protection, and key management.Learn More
nCipher Security’s nShield sales team provide excellent local and remote support during this evaluation period and was invaluable to the process. The excellent depth, breadth and quality of the product documentation gave us confidence that the solution was well thought-out and supportedRobert Fairlie-Cuninghame,QAI technical lead/architect, Memjet
We know the nShield Solo; it’s a foundational component of the system. The system is successful, and it’s been a positive experience working with the nCipher team and its nShield HSM, allowing us to achieve a short time to market and to recover our costs.Gianni Sandrucci, Chief Executive Officer, itAgile
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We selected nCipher HSMs to provide robust security, unmatched performance and superior scalability across our payment security platforms, protecting encryption keys from virtually any attack. This helps Verifone to continue reducing merchants’ growing exposure to data breaches and cyber criminals and more aggressively safeguard consumer information…Joe Majka,Chief Security Officer
With our extended experience of relying on nCipher for HSM solutions, when it came to selecting the right component for PassBy[ME] Mobile ID we didn’t need to look at other vendors; nCipher HSMs always deliver the highest level of trust.Dr. Sándor Szöke, Deputy Director of eIDAS Trust Services, Microsec
We have a long history together and we’re extremely comfortable continuing to rely on nCipher solutions for the core of our business. We have used nCipher HSMs for five years and they have always been exceptionally reliable. We’ve layered a lot of code on top of the HSM; it delivers the performance we need and has proven to be a rock-solid foundation.Neal Harris, Security Engineering Manager, Square, Inc
nCipher Security has given us a beautiful solution around which we’ve developed our own software; equipping us with the abilityto offer our customers a truly compellingvalue proposition. We have found nCipher nShield Connectto be far more secure and friendly to usethan competing solutions. It perfectly meets our needs.Evgeny Vigovsky,COO and CTO, Saifu
The unit cost and performance of nShield enable us to offer a commodity-priced device that is simple enough for even the most technically-adverse merchant to understand and operate. Trust, integrity and security are the foundations of our company, and nCipher helps us to achieve those goals.Julia Wolkerstorfer,Marketing Manager at A-Trust
Our nCipher HSMs protect our encryption keys, safeguarding customer data from breaches. Just as importantly, it helped make achieving PCI DSS compliance far easier and more cost-effective. With the nCipher HSMs, we can easily protect, manage, and rotate encryption keys, enabling PCI DSS compliance without the need for timeconsuming manual controlsTerry Mainiero,Follett Higher Education Group
The move from paper-based to electronic invoicing has proved a great success. There was tight cooperation between our system integrator SETCCE and nCipher and their combined knowledge and experience in this specialist area delivered an ideal solution. The service meets all legislative requirements, provides a better level of service and more flexibility for our subscribers. This gives us an important competitive edge.Bostjan Zaversek,Financial Manager for Si.mobil-Vodafone
Piracy is a problem generally associated with digital content and no less so in the film industry where it is an enormous concern for both studios and distributors who lose billions of dollars each year when films are illegally copied and distributed. The encryption and decryption of content is not a major challenge, however the handling and management of security keys by both the cinema and content owners is. nCipher is an expert in encryption key management and the protection of content and intellectual property, its products offer high levels of assurance and operational efficiency and have enabled Qube to develop an online digital…Rajesh Ramachandran,President and CTO
Modernization of clinical trials is a key initiative for both the pharma industry and global regulatory agencies. In an industry with a 20-year patent cliff – SureClinical’s technology accelerates speed to market and saves companies hundreds of thousands of dollars in shipping costs, maximizing return on investment for new drug therapy investments. The adoption of this technology would be out of the question if it didn’t meet the trust and security requirements mandated by regulatory agencies and the industry. Thales was the only company that was able to provide the assurance and strong cryptographic technology that met both the needs of…Zack Schmidt,President at SureClinical