As the IoT continues to gain momentum, trust is more important than ever for today’s innovative use cases. As devices become more connected and mobile, embedding trust in transactions and processes is an essential part of supply chain operations. Electronic devices and sensors are increasingly Internet-enabled, with frequent communications with back-end servers for updates and other resources. They must also frequently authenticate themselves to other devices. However, not all IoT security best practices have developed at the same rate. As IoT use cases have developed, the need for system integrity, security, and encryption has become clear, but in some cases authentication may have been considered less critical.
Even today, disparities in capabilities and maturity models remain. We’re seeing different levels of expertise and execution in companies in terms of technology and security. For example, many organizations are still seeking to protect their firmware, and update devices only from trusted authorities. Others may be less concerned (or experienced) and focus more on traditional enterprise cybersecurity strategies. Encrypted communication and identity practices are broadly adopted, but they are not yet ubiquitous within IoT.
Trust issues may extend farther than you think
Increasingly, the top issue for IoT deployments is ensuring trust within a supply chain made up of a complex ecosystem of suppliers, components, software, and services. In a dynamic factory environment, software and chips may incorporate numerous components that are outside the primary manufacturer’s visibility or even its control.
For example, in firmware, Open Source code is increasingly utilized for its implementation advantages and rapid time to market. However, it may also feature unknown elements, such as disparate classes of trust anchors (certificates) or authentication components. In some manufacturing assembly systems, grey market (or off-hours) manufacturing may work its way into the manufacturing processes due to hard-to-control variables in the supply chain. That means the level of trust in the manufacturing facility itself can be an unknown, and many manufacturers may lack visibility into what’s happening at the factory or during the hours the factory is (or is not necessarily) supposed to be used.
To put basic best practices for trust in place, manufacturers need to consider what components, devices, and software are connected to the factory line, and who has access. Manufacturers must also look at what security they have in place for assembly, shipping, import, and export processes. Compliance and supply chain control procedures are paramount to secure device manufacture and delivery.
Enabling trust beyond the factory floor
The need for trust doesn’t end after a device goes out the door, so it is important to consider whether or how a device will communicate after deployment. An organization should be sure that its end product can gather data and communicate in a way that will not expose privacy and data security issues. They will also want to determine whether the component will protect the device from being a participant in DDoS or similar attack vectors that can occur in deployed IoT devices.
IT and security teams must also consider the holistic supply chain for the device as it is manufactured, goes out to market, and is put into production. The more they can consider how things are created securely, the more control they will have over limiting that exposure for companies and customers using these devices.
IoT use cases aren’t limited to manufacturing alone. For example, in an enterprise environment, risk can appear in connected TVs, vending machines, and other devices—this is where IoT security and enterprise security meet. It’s up to IT and security teams to determine the level of risk of these common devices, and how they will limit broader exposure to the overall enterprise if a security issue arises.
Not so long ago, IoT devices were considered too small, low-powered, and unsophisticated to participate in sophisticated attacks. However, today’s devices can pose more risk to the entire organization. The size and complexity of IoT components have grown, even as the form factors of devices have shrunk. Many devices support higher Internet throughput, with even faster communication just around the corner as 5G begins to gain acceptance. Bad actors increasingly view these IoT devices as a rich target that can do even more damage than earlier technology.
Basic planning now can shut down future issues
What can manufacturers do to move forward in implementing trust across the supply chain? The first step is to understand what is going into the software. Evaluate your processes to determine what Open Source technologies you are including—whether intentionally or not. Consider your commercial software in use as well. Apply particular scrutiny to software, components, and services that are shared across product lines within a manufacturer. When looking at these types of elements, confirmation that they have undergone secure code reviews, penetration tests, and audits (as necessary) can help them be safely deployed into a network.
It’s also important to put a readiness plan in place well in advance of device deployment and customer usage. If something goes wrong with firmware, what is your plan to remediate the issue? If something goes wrong with a service your devices depend on, how will you address it? If your device reaches end of life, can it potentially be used to cause damage to other components of the network—even if the license is revoked? Develop a thorough understanding of what it means for your organization’s supply chain to be compromised, and its implications across the business. Based on these insights, you can think through how to manage and control the risk associated with a deployed device. Timing is essential, and what is most important is that you develop your remediation plan well before deploying a device. It’s often more challenging to come up with a plan to address an issue after a security breach has been discovered. And sadly, far too often, we see this become the case.
Digital certificates can be an important part of an overall layered approach to IoT security. The certificates can be used to help with strong authentication and encryption of data in transit or at rest, and to ensure the integrity of the device execution and updates. When deploying security based on certificates, choose a platform that can enable a holistic approach to managing both the devices AND the certificates. When your needs change, you should be able to quickly update and deploy your certificates from a central location, across your environment—and out to the devices.
It’s clear that the IoT will continue to transform manufacturing, utilities, households, and many other fields. By making trust and identity an essential part of your IoT strategy, you can ensure that your deployment delivers the business outcomes you expect—while minimizing risk across your organization.
About the author: Brian Trzupek is SVP of Emerging Markets at DigiCert. A crypto and security tech by day and night, Brian brings nearly two decades of expertise on many security subjects to the team. He’s constantly innovating use cases for enterprise PKI. He previously worked for more than six years as VP of Managed Identity and Authentication at Trustwave where he helped fight cybercrime, protect data, and reduce security risk. While at Trustwave, he testified before a congressional panel on the Dec. 2013 Target breach.
Edited by Ken Briodagh