It was in the early 90s when the Internet was made public. It changed the course of human life. Just like the Internet, Internet of Things (IoT) has the potential to alter the world.
Moreover, it has started to play its part. Many organizations have and many are adopting and planning their infrastructure in order to create an IoT architecture.
With further expansion of the IoT architecture along with Cloud IoT architecture comes the question of its security and safety. As IoT architecture is a complex body with many layers attached. Thus, its safety becomes crucial.
Here we have leaders of the industry on how they plan to secure Internet of Things architecture and tips to keep it safe to give you a better perspective on your own system.
Girish BVS, Senior Solutions Architect, Technology Group, Sasken Technologies Limited stated, ‘We believe that a comprehensive edge side security is the need of the hour to achieve end-to-end IoT security. Zero-touch provisioning of IoT device is the first step that can plug a number of security holes and accelerate the speed of deployment. The other aspect to consider is addressing the security requirements of constrained devices. We have made significant progress on these fronts’.
On similar patterns, Selvakumar Natesan, Office Technology Principal, ThoughtWorks shared, ‘Security needs to thought through, and implemented at all layers of the IoT architecture i.e right from the sensors to hardware to the network to software and finally, the application. There are many measures that when applied in a consistent manner will ensure robust security for IoT architecture.
‘One can start with threat modelling techniques to understand security risks and prepare accordingly. Another great approach is to leverage existing battle tested cryptos and avoid rolling out own implementations. Continuous review of the implementation with tools like, owasp website for potential vulnerabilities allows sustained action that can fix issues as soon as they are identified. Another measure is to use open source libraries and tools for whom, security is an important parameter. Additionally, techniques like Secure Microcontrollers are evolving rapidly and should be leveraged for encryption and integrity verification quite early on’.
Also, these pioneers of the industry shared the tips to keep the architecture of Internet of Things safe.
On that Girish remarked, ‘The IoT devices need to be smart and must have a security module. Having local intelligence would prevent wider data exposure and can help thwart security issues from manifesting and minimizing the impact if they do occur. Decentralization and distributed data store would ensure high data availability. This also effectively decreases the attack surface by increasing the number of devices needed to be attacked simultaneously for a successful attack’.
While Selvakumar gave certain points to keep in mind to safeguard the IoT architecture. He said, ‘While it’s very important to think of security right at the beginning of development, and not wait to ‘retrofit’ it at the end - here are some tips that will help keep IoT architecture safe.
- Avoid default login credentials and insist on users coming up with secure passwords because simple credentials are the primary reason for most exploits
- Always provide software/firmware updates over the air, and in a secure fashion.
- Vulnerabilities are inevitable in software and it’s not a matter of if, but when they will be discovered, and exploited. Over the air updates are the only way to avoid such a situation.
- Encrypt all communication between smart devices and backend systems/cloud, including the software updates. Don’t forget to validate the integrity of data at both ends.
- Ensure protection of end-user privacy at all cost’.
On the other end, Vasudevan Sundarababu, Vice President, Digital and Analytics Services, CSS Corp dispensed his views on the topic under discussion. He stated, ‘The fourth industrial revolution is here. IoT is easily one of the fastest growing segments in the technology industry today. Ericsson predicts by 2023, the world will have over 30 billion connected devices, out of which around 20 billion will be related to the IoT. Industrial Internet of Things (IIoT) connects sensor-equipped machines and systems, derives intelligent insights from sensor data and analytics for a better market and operational strategy, and controls operation of machines and other assets for better business outcomes. Despite the increased adoption in IoT, enterprises face significant challenges in managing, securing and optimizing their IoT initiatives and investments. In this context, AI and data-driven decisions play a vital role in transforming the operational models of industries by optimizing the performance of systems and processes significantly’.