Making a Secure Internet of Things a Reality: 5 Steps to Get Started

The Internet of Things (IoT) holds enormous promise.

First, there’s the promise to have an even greater impact than the launch of the internet, providing universal connectivity and ongoing innovation from real-time data. We’re already seeing this in action.

Second, is the promise of even greater security than traditional IT environments, where humans and manual processes are typically the weakest link. We still have progress to make on this front.

We’ve now learned that breaches within machine-controlled networks are exponentially more disruptive, opening the door for device misuse, data compromise, and a host of other destructive actions.

But the promise of greater security is still viable. It requires us to learn from past experiences and build a solid foundation across the IoT ecosystem that prioritizes security from the very beginning. Here’s a look at what’s at stake.

The stakes for getting IoT security right have never been higher. The introduction of the IoT brings incredible potential to sectors like automotive, healthcare, energy, and transportation, but the cost of a breach in these domains is irrevocably high.

Consider the case of healthcare: A typical healthcare delivery organization has 20,000 connected medical devices. Any systems that store personal information and medical records are high targets for identity thieves. Even more alarmingly, the wrong party gaining control over medical equipment could have fatal consequences. In 2017, the FDA recalled 465,000 pacemakers after discovering security flaws that could allow hackers to drain device batteries or send malicious instructions to modify a patient’s heartbeat.

Meanwhile, connected vehicles are another increasingly popular IoT use case that carries equally significant risks. Since 2015, we’ve seen numerous attacks in which third parties accessed a vehicle remotely and took action like turning off the transmission while driving or adjusting the speed of the car. Attacks like these could seriously harm not only those in the vehicle but those around them as well.

Too often, IoT devices use static passwords or shared keys, which create serious risk because a compromise to one device can affect all devices. Instead, each device needs its own unique digital certificate.

Using unique credentials on each device not only minimizes the impact should one device become compromised, but it also allows for more secure ongoing communications. It enables organizations to validate each device on its own, send secure messages and updates to a single device, and authenticate any data that comes in from a particular device.

Trusted Platform Module (TPM) technology or Secure Storage hardware provide a hardware-enabled approach to storing and securing cryptographic keys and certificates.

This type of hardware offers a more tamper-resistant approach to key storage. That’s because the only way to access the keys stored on these devices is to gain physical access to the device itself.

Devices must verify the authenticity of any new firmware or software updates prior to installing them; otherwise, hackers can easily pass malicious updates to these devices.

Code signing, which applies a digital signature to these updates, is the best way to manage this verification since those signatures can authenticate the source and confirm that the script was not altered in transit. 

Managing a Root of Trust (RoT) gives each organization full control to validate the identity of every device (or person) receiving a key. This minimizes risk compared to a shared RoT, in which another party (even if it’s a known partner) has a certain level of control that can impact security for everyone.

At a time when many device manufacturers ship hardware with keys and certificates pre-loaded, organizations should take certain steps to maintain security. First is validating the authenticity of that new hardware using the existing key, and second is bootstrapping over to credentials issued from a private RoT to ensure complete control.

Finally, it’s important to remember that certificates, keys, and RoTs require continual lifecycle management, as static systems are inherently insecure.

Whether it’s cryptographic algorithms weakening over time or other threats that compromise certificates, teams must be able to renew, replace, and revoke credentials at any time for as long as those devices are in use. And they must be able to do so even on remote devices in the field.

Public Key Infrastructure (PKI) is a trusted framework to manage digital certificates and public key encryption that offers the protection and scalability needed to power IoT security. Specifically, PKI offers richer capabilities and higher security assurance than any other authentication method and has been widely used and trusted in large IT organizations for decades. Importantly, unlocking this potential requires proper management, with an eye toward ongoing maintenance and scalability.

Keyfactor Control is one such way to consume PKI that makes it easy to embed security into every step of the IoT device lifecycle. It does so through unique identity provisioning, secure update and management capabilities, ecosystem integration and workflows based on a secure RoT, code signing enablement, and the ability to work with common ERP and MRP systems to establish bootstrap identities known only to the manufacturer.

With a clear strategy and technology like Keyfactor Control to help execute, the promise of a highly secure IoT is well within reach. It’s simply a matter of putting the right protocols, processes, and ongoing management in place.

Interested in learning more about the common weaknesses in IoT security and what’s needed to improve? Download our white paper on the five guiding tenets for IoT security for more insights.