Wireless Logic’s Cloud Secure solution was named winner of the IoT Security Product of the Year award at the recent IoT Breakthrough Awards.
Companies deploying IoT devices must consider how secure those devices are. Security is critical to mitigate the risk of data breaches, which can be extremely damaging to business’ finances and reputations. Now, companies also recognise that security has a commercial value – 96 per cent of tech decision makers in the PSA Certified 2022 Security Report said having security in their products positively impacts the bottom line.
How to secure IoT services
To secure IoT services, devices must be identified and authenticated. Beyond that, they must also be authenticated to the cloud services they connect to for data exchange. Therefore, companies striving to secure their IoT solutions must understand security not just at the level of the SIM, but also beyond.Wireless Logic’s Cloud Secure was recently awarded IoT Security Product of the Year by the IoT Breakthrough Awards and shortlisted for the IoT Global Awards, in the Securing IoT category.
Cloud Secure uses on-SIM technology to give IoT companies zero-touch onboarding of devices to services built on AWS, Azure or Google Cloud. With a combination of GSMA standards-based on-SIM technology and mobile core network services, Cloud Secure resolves IoT device identity, enables scalability and provides a defence against IoT device spoofing, ransomware and unauthorised device access to network and cloud services.
IoT security pitfalls to watch out for
IoT security often combines on-SIM technology for network authentication with separate components on the device to house security keys for the cloud service authentication. However, this approach introduces potential security weaknesses into manufacturing and maintenance processes. It also adds complexity and costs.
An end-to-end on-SIM approach provides security from the SIM to the Cloud for added peace of mind. It also makes for simpler device provisioning. It extends the root of trust beyond the network to cloud-based services, authenticating the SIM with the relevant mobile network and with the cloud service provider through cloud certificates embedded in the SIM.
In its own press release, James Johnson, managing director at IoT Breakthrough, said: “End-to-end on-SIM security helps defend against a range of cyberthreats while also streamlining device provisioning and improving scalability and convenience. It really benefits organisations with health or safety requirements and applications that need protection and we are thrilled to congratulate the Wireless Logic team on this IoT security breakthrough.”
Cloud Secure is network and cloud agnostic, to help IoT organisations protect their investments in development and operational processes. With Cloud Secure, users can leverage on-SIM applications and network security methods to ensure that only authorised devices can connect to enterprise servers or cloud infrastructure.
Additionally, the solution provides auto-enrolment of devices onto cloud service providers and simplifies device provisioning processes while enabling dynamic scalability.
What protection does end-to-end IoT security provide?
IoT solutions must be secured against unauthorised device access, ransomware, device spoofing and fraud. Establishing identity at both network and service level helps defend against unauthorised device access. Devices can be spoofed when security key information can be emulated. The risk of this is reduced by minimising opportunities to get at this information. When a range of components are involved, sometimes accessed by a number of teams during manufacturing, there is a higher level of risk. On-SIM technology helps by simplifying manufacturing processes and reducing involvement in the components that secure the solution.
Similarly, embedded cloud certificates help mitigate ransomware risk that comes with sharing identifiers. To protect against fraud, an IMEI hardware identifier in the SIM can facilitate detection and blocking in the event of SIM theft or rogue device behaviour.
Companies deploying and managing IoT solutions need confidence in the security measures that protect their devices and data. Those measures must effectively identify and authenticate devices to networks, but they must also authenticate to cloud services for data exchange. Risks that include device spoofing, fraud and ransomware attacks threaten critical applications and can cause far-reaching damage to companies if they occur. Securing IoT solutions from the SIM to the cloud helps protect deployed solutions, while at the same providing a range of benefits around manufacturing processes to improve efficiency and keep costs down.