Securing your IoT deployment—from the device to the cloud

Author Jonathan Cassell takes a look at some of the measures engineers are undertaking to secure their IoT deployments and the critical role that a cloud-based IoT management system plays in each activity.

Cybercrime is a big business—a $600 billion market that’s larger than many legitimate industries, such as the global markets for education, water / sewage, and arts / entertainment. Like any other industry, competitors in the cybercrime business naturally will gravitate toward the largest available markets. Today, the internet of things (IoT) represents a massive opportunity for cybercriminals, with each of the world’s 7 billion IoT devices representing another chance to ply their dark trade.

Because of this, security has become a paramount concern in IoT devices and in the edge-computing systems that serve them. IoT device manufacturers are increasingly employing built-in security measures to prevent online hacking. However, securing the IoT involves far more than simply hardening devices.

Instead, what’s needed is a comprehensive solution that applies a combination of cyber- and physical-security measures that are managed through a cloud-based system. Using such a system, IoT engineers can protect the safety of data no matter where it resides—whether in a device, an edge-computing system, or the cloud.

Security is in the chips

IoT security starts at the device level, safeguarding the data collected, stored, processed and transmitted by specific end-nodes. However, some IoT devices share large quantities of data with the cloud. Thus, security solutions in IoT devices must protect not only the device itself, but also information transferred across networks.

These security solutions are implemented within microchips, with IoT devices sporting built-in encryption, authentication and security-key hardware. This allows the devices to securely transfer data over networks.

These solutions also secure the microprocessor or microcontroller running the system, integrating features designed to ensure data integrity. They can even encrypt data transferred between chips within the IoT device. Because IoT devices are often located in remote, unprotected places, secure chips also incorporate physical security systems, including anti-tampering schemes that erase data if their enclosure is penetrated.

Here, it is worth stating that the growth in the number of IoT devices at the edge is exponential. With such aggressive growth potential predicted for the foreseeable future, concern about security breaches is growing not only for end users but also for the original equipment manufacturers (OEMs) developing these devices.

What’s more, breaches are fast becoming commonplace, and the costs of not protecting the IoT are becoming severe. From CSO Online:

“Ponemon Institute estimates an average breach cost of $3.5 million in 2017, with a 27% probability that a U.S. company will experience a breach in the next 24 months that costs them between $1.1M and $3.8M.”

While there are monetary costs, the costs go beyond simple dollars and cents: they include damage to a company’s reputation, time spent dealing with the breach and, more recently, legal consequences through legislation like the European Union’s General Data Protection Act (GDPR) and the recent California bill, Senate Bill No. 327, Chapter 886.

“This bill, beginning on January 1, 2020, would require a manufacturer of a connected device, as those terms are defined, to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure, as specified.”

With all of this being said, the growing importance of implementing security in IoT devices at the edge is becoming increasingly obvious. Fortunately, companies like Arrow Electronics have invested to help secure the Internet of Things at the device level. Secure programming and provisioning technology is based on a highly secured and reliable chain of trust that enables the rapid deployment of IoT edge nodes and gateways. The ability to authenticate IoT devices and quickly establish trusted connections to the cloud is critical. IoT device security not only allows you to protect your code. When a device is put on the internet of things, you also want to know, through digital certificate management, that it is supposed to be there. You want to be able to see your fleet of devices, and if something is wrong, you want to have revocation services to minimize costs quickly.

Secure provisioning enables customers to take full advantage of silicon-based security features from leading global manufacturers of secure elements and microcontrollers. These new capabilities have been rolled out as a value-added service from Arrow to secure IoT devices. One example of this capability can be found here: Arrow Electronics introduces secure provisioning service for NXP based IoT devices.

Security for edge IT

Rising alongside the IoT is an approach to IT called “edge computing.” Edge computing represents an intermediate data-processing stage that analyzes data generated by IoT devices before the information is sent to a data center. This improves the performance and efficiency of data processing and winnows down the amount of information to prevent data centers from being overwhelmed with inputs.

However, such edge-computing operations face one of the biggest security risks related to the cloud: transferring sensitive data over a network, where it could be susceptible to hacking.

One solution to securing this data is provided by the Microsoft Azure Data Box Edge. The Data Box Edge is an actual physical appliance specifically designed to easily and efficiently move data to and from Azure. To secure these transfers, the Data Box Edge uses Microsoft’s BitLocker technology, which includes hardware for encrypting and securing data sent over the internet.

Security in the cloud

Beyond device and edge-computing security concerns, engineers need a cloud-based platform designed to ensure security in IoT deployments. Azure includes a range of security measures, including:

- Azure Active Directory for user authentication and authorization, controlling access to cloud data and allowing nearly instantaneous revocation of access to IoT devices connected to the Azure cloud.

- Secure storage of all IoT infrastructure keys.

- Monitoring of all data accesses to alert users of intrusions or unauthorized access.

Putting it all together

While cloud-based platforms represent the optimal path to implementing security in IoT systems, it can be slow, difficult and complex for companies to undertake the transition to such a cloud solution. To quickly gain the advantages of cloud-based IoT, engineers need to collaborate with a solutions provider that has the experience, expertise and industry connections to rapidly secure a cloud-based IoT system.

For example, Arrow provides comprehensive cloud solution packages designed to support rapid deployment of cloud services. What’s more, the company works with top cloud technology providers—including Microsoft—to provision the industry’s most sophisticated solutions.

The bottom line on IoT security

In an era when cybercrime generates more money than some legitimate industries, engineers must act now to secure their IoT deployments—including devices, edge-computing installations and cloud-based platforms. By employing a cloud-based platform and working with an experienced cloud and IoT integrator, engineers can quickly take steps to ensure their systems remain safe.
