Top 3 Things You Need to Remember for Better IoT Security
If you’re involved in the world of IoT (Internet of Things), specifically the security aspect of it, you likely know most of the challenges that are involved. At my presentation during Black Hat today in Las Vegas, I talked about my past and present experiences with PKI (public key infrastructure) and what we’re doing at Neustar to make things easier on securing IoT networks.
Neustar has developed a new way to look at PKI and IoT security. We call it Trusted Device Identity, or TDI. I approached and developed TDI by going with the premise that, no matter your best efforts, your network is eventually going to become compromised. And when it does, what’s the best way to stop the attack, recover and get everything back online. Basically, plan for complete failure and be sure to have the right tools in place so you can take quick, decisive action.
In addition, developers can make mistakes. It happens. So when a date is incorrectly entered for a key expiration, well it can ruin your Saturday like it has done to me in the past. So, here are the 3 most important things to take into consideration to bolster your IoT network.
1.Do NOT rely on the router and firewall as your security model
This is a fatal mistake that sets you and your organization up for failure. Hackers are becoming more sophisticated all the time and depending on your router and firewall to do all the work for you will lead to a false sense of security. In doing my research while developing TDI, I was able to identify 140 different threat models based on known vulnerabilities from past attacks, and possible new ones due to the way PKI works. And for many of these, a router or firewall won’t stop it.
By rethinking about IoT security from the opposite direction — how to recover quickly after an attack happens rather than trying to fend off a hack — incorporating TDI gives you a new defensive and more effective strategy.
2.Trust nothing unless proven otherwise … constantly
You can’t leave anything to chance when it comes to a possible breach. Traditional PKI solutions are leaving enterprises exposed, and with the proliferation of IoT devices they are also overburdened with certificate management. TDI is a new approach that provides multi-factor authentication so you’re less likely to see a breach. Nothing is fool-proof when it comes to hackers. But TDI can close many of the vulnerabilities that might be keeping you up at night.
TDI also allows you to monitor and audit your IoT communications to set a baseline. This provides an early-warning system to detect any irregular activity that could be a precursor to spoofing and a compromised system.
3.Enable your SOC or NOC to control the security rather than users or site managers
In a traditional PKI, recovery is the biggest problem because the identity of the IoT device must assert itself to the messenger. The messenger then looks up the identity and either validates the certificate or rejects it. In the Neustar TDI, the identity service validates the identities and returns it to your application. Only the validation is forwarded to the server. No lookups needed.
This allows your SOC or NOC to grant and revoke trusted status in real-time. And when you’re talking about thousands, or maybe even millions, of devices that’s incredibly significant.
To learn more about Neustar TDI and how to keep your IoT network up and running in the event of a cyber attack, you can click here to visit our landing page.