Internet of Things and Security -
how do I actually approach a project like this
In the second part of our contributions on IoT and Security we look at some important constraints for the planning and implementation of IoT projects.
Here we go to the first post of the series.
When it comes to the connectivity of many devices that collect, store and then forward data over a network, additional measures are needed to avoid risks to the company. Many devices often do without security features, either because of usability or user acceptance. And here we are not even talking about performance in the network, because the data should not arrive at some point, but in real time if possible ...
Yeah, life could be so beautiful.
Due to the rapidly increasing number of networked devices, the effort required to integrate them into a security concept also increases. force ... integrate. In addition, the growing infrastructure must be kept up to date. Without automation of routine activities, this challenge will not be mastered. Intelligent monitoring systems can help here. These combine proven technologies with AI (Artificial Intelligence) to make decisions based on current data, a broader knowledge base (what are current threats) and thus a higher probability of making decisions.
What's he doing?
An important aspect of security solutions for complex systems is, in addition to support through automation and artificial intelligence, above all monitoring the behavior of the devices in the network. For this purpose, "normal" behaviour is learned and, in a concrete case, it is deduced what to do in case of abnormal and potentially dangerous behaviour patterns. Such systems should also be able to assess the risk potential of the behaviour, otherwise both users and administrators will be lost in error messages or service interruptions.
The path of least resistance
Every attacker will look for the weak point of a system that will lead him to success with the least means. The more components in a network are addressable, the higher the probability of an attack. Therefore, the methods listed above are a must in order to eliminate these vulnerabilities quickly and permanently. Particularly in the case of rapidly growing infrastructures, it is very easy for additional potential threats to arise that were not taken into account in the original design.
Simple but effective
One of the simplest, but certainly often undervalued ways to protect components whose built-in security features are not suitable for enterprise use is to regularly install security patches. However, this often encounters obstacles, as in many cases this is not even intended. If a software update is possible, this process often has weak points.
The wheel does not have to be reinvented
What has proven itself in a classic IT landscape is also effective in principle in IoT environments. Encryption of data, both during transmission and in the storage of end devices or storage systems, role concepts with the least privilege principle (only the absolutely necessary rights are granted), network segmentation, the use of proven authentication methods, external analyses of the current situation and similar methods help to set up an effective security concept for new classes of devices.
In summary, it can be said that dealing with security issues is definitely necessary when implementing innovative IoT or Industry 4.0 projects. Next to the necessary knowledge about network technologies, security is the second important factor to be considered. Ideally, this should be done in the planning phase, because many measures can either not be implemented at all or only with considerable additional effort.
In any case, it must be clear to all project participants that formerly closed networks such as those in the production area are now opening up more and more to enable better service or new business models. This means that a new approach to securing these systems is also a must in order to ensure the long-term success of a company and not endanger its existence.
Next week we will consider some classic objections why the measures mentioned here cannot be implemented at all.
Talking brings people together.
We look forward to your Request.
Your ABAX sales team