IoT
Mitigating the Attack Surface
Industries across the globe are gaining competitive advantages by deploying technologies such as Software-defined
Networking, Hyper-converged Infrastructure and the Internet of Things (IoT). Unfortunately, this also means
they will face new security vulnerabilities as their IT ecosystem expands.
Neil McLellan, Business Development Manager, Wind River
Modern-day use cases for “IoT-like” applications date back to the
earliest days of manned space flight, for monitoring astronaut vital
signs and shuttle telemetry – mission-critical data points
transmitted across a dedicated network. Beyond dedicated and
specialized networks, technology that once leveraged the PSTN has now
converged on the global IP network. The public internet has
evolved beyond connecting hobbyist PCs to become modern-day
critical infrastructure empowering the most essential aspects
of our everyday life – including safety-critical, connected devices.
As such, the convergence of embedded IoT devices and PC/server
infrastructure on a common network backbone is surfacing a
new set of challenges around two very common issues:
- Intrusion prevention
- Virus protection
Network policies adopted by IT departments to secure the
business data and PCs do not account for the different protocols
and functionality available within the range of intelligent
embedded devices. The intelligent embedded device must have
the ability to monitor and protect itself against the threats that
exist within the network while at the same time sharing
information with trusted devices in real time.
With the IoT attack surface spanning the entire traditional
IT ecosystem, mitigating security vulnerabilities across that
ecosystem requires a depth of security knowledge in excess of
the traditional IT generalist's. Designed-in security is often
omitted because of a lack of expertise or a limited budget, a
costly omission: those constraints pale in comparison to the cost
of downtime, data breaches, or compromised autonomous systems.
Device-side
The armada of IoT edge devices comes in all shapes and sizes
and services an infinite number of applications – fixed vs. mobile,
wired vs. wireless, stored data vs. cut-through data handling –
leaving us to consider a broad range of threats. As influencing
the physical environmental safeguards surrounding a mobile device is
most likely not an option, self-contained security countermeasures
will dictate the success of your IoT strategy. That means
securing device operations against known and emerging threats,
encrypting data both at rest and in motion, and providing the
ability to maintain remote accountability of security – as if you
were virtually next to the device. Wind River’s portfolio of
embedded operating systems has been secured and certified to
support the demands of the most advanced IoT strategy.
Beyond these technical hurdles, a device manufacturer will need
to plan for supporting a connected and secured device strategy
consistent with the extended life of such devices. With
PC solutions reaching an expected useful life of 3-5 years,
embedded devices can expect a useful life nearly six times as
long. The challenge of combating the resource limitations of the
device (CPU, memory, etc.) at the time of design and commissioning
is compounded in the field during the maintenance operations that
sustain the device.
Cloud-side
Complementing device-side operations, the cloud-side solution
must add comprehensive device management capabilities to
augment your growing or existing IoT strategy, completing the
“end-to-edge” framework. The best solution you could deploy is
one that enables device manufacturers to query and retrieve vital
operating system, file system, and application information,
identify gaps and vulnerabilities, and facilitate the deployment
of critical countermeasures to those devices.