Effective IoT security must begin at the drawing board

Thomas Fischer, global security advocate at Digital Guardian, assesses the role security will play in the IoT and argues that manufacturers must return to the drawing board to find a sustainable, long-term solution.

For manufacturers, the IoT is a particularly difficult nut to crack. In addition to time pressures, the demand for user friendliness – combined with highly stringent cost controls – means that, even if the will is there, finding a fast, cost-efficient security solution can be a challenge.

One major problem is that many IoT devices still use extremely cheap processing units akin to something that would have been used several decades ago, only on a much smaller scale. These kinds of processors lack both the memory capacity and input mechanisms required to conduct the regular security updates and patches that would normally take place on PCs and mobile phones.

With the lifespan of some IoT devices now expected to exceed ten years, the security issue this presents is a growing cause for alarm. The threat landscape is a highly dynamic environment and devices that can’t be patched are vulnerable not only to the threats that are out there today but also to all threats that emerge after the device has gone to market.

A new approach to IoT security is needed

Fortunately, organisations are starting to take note. The IoT Security Foundation is driving the creation of new standards and enlisting companies to work together to improve the overall security of IoT devices from the ground up. Elsewhere, the GSM Association (GSMA) has recently produced a set of major guidelines around IoT security best practice.

But in order for businesses to make meaningful security improvements, changes must take place at the design phase, not as an afterthought prior to launch. Security must also be considered from a variety of different angles including software, hardware and the network if it is to be effective.

1) Secure software: Building new devices on a foundation of robust and secure software is critical. Best practice encompasses a variety design considerations including:

• Proper and secure authentication for each individual device, so organisations can quickly confirm that any individual device is the one it claims to be
• The use of secure coding practices, focusing on QA and vulnerability identification as part of the development lifecycle in order to streamline security and mitigate risks
• Industry standard encryption of all data flowing between the IoT device and backend servers, meaning that even if the data is intercepted, it is meaningless without the correct encryption key
• Making provision for the deployment of new firmware on the device over time. Moving to more advanced and versatile processing units will allow device software to be updated and protected against new vulnerabilities as they are discovered, greatly increasing security and ultimately saving money over time
• Ensuring all backdoors are closed. Building devices with a backdoor has become alarmingly commonplace, but it compromises the security of the end user. Closing such backdoors ensures critical information such as device UDID is not copied, monitored or captured without the manufacturer’s knowledge

2) Secure hardware: Physical security goes hand in hand with software security. Integrating tamper-proofing measures into device components means they can’t be accessed and decoded without permission. Physical switches or breakers that can allow the user to physically turn off certain features should also be assesses. For example, a physical mute button could be added to devices with microphones, and hard upper and lower limits could be added to devices controlling temperature. Furthermore, ensuring sensitive data related to authentication and account information is erased in the event of a device being compromised will help to prevent it being extracted for malicious use at a later date.

3) Security on the network: Should an IoT device become compromised, the potential damage done can be significantly reduced by the presence of security partitions on the network. This means the infected device can be quarantined away from other critical systems and also cut off from the Internet in order to prevent remote data exfiltration.

It’s also important to use secure protocols like HTTPS for data exchange between the IoT device and the backend management or storage solution. Manufacturers must also make strong authentication methods available and actively advise end users to change any passwords or keys from the default credentials.

Security teams must also understand the needs of the business

Building secure IoT devices is becoming increasingly important, but it’s also very easy for security teams to be so caught up in their own goals and objectives that they fail to align properly with the wider needs of the business. The end result is usually systems and devices that are highly secure but also difficult to use and unappealing to the end user.

A good security team must assess the wider business needs around the IoT and come at problems from a mutually beneficial angle. Working alongside the business, rather than against it will almost always result in more effective, more secure IoT devices and infrastructure.

Sadly, the harsh reality of having so many vulnerable IoT devices already out in the wild is that breaches and attacks are an inevitability. However, as the drive for better security gains momentum and new devices start coming to market with built-in security features, future product cycles should see a marked increase in the overall level of IoT security for us all.

The author of this blog is Thomas Fischer, global security advocate at Digital Guardian