IoT Security

Why Today's Security Doesn’t Protect Distributed and Mobile

Distributed and mobile platforms have fundamentally changed the IT landscape. Almost always today, devices, applications and users are remote to each other – each owned and operated by different third-parties. These platforms are made of many unique and different technologies including purpose-built, resource challenged IoTs.

01 – Purpose Built and Non-Standard

IoTs are often purpose built and non-standard, using imagination-driven hardware and software for imagination-driven purposes.


The Challenge

Traditional security approaches and tools were designed to secure Windows, Mac, and Linux, running intel processors and are not in tune with the requirements of IoT infrastructures.

02 – Everything is Everywhere

Technologies today are highly distributed and mobile, and are designed to operate on many different hostile public and private networks.


The Challenge

Traditional security approaches and tools were designed for and are limited to protecting concentric and contained networks of systems.

03 – Long-Distance Applications

Technology platforms are increasingly dependent on remote SaaS and hosted applications.


The Challenge

This requires securing different technologies operating in hostile non-concentric networks with tools not designed for the task.

04 – The Deconstructed Platform

Platforms become deconstructed when IoTs are introduced. It is not uncommon for the network the IoT operates on, the IoT itself, the application infrastructure, the application itself, and the platform’s management to all be third parties to one-another.


The Challenge

Today, securing each IoT type, application and management platform requires a different array of security tools and expertise – overall an expensive, resource intensive and ultimately ineffective process.

05 – Welcome to Dependency Compute

Devices, applications and users are not stand-alone; they are highly dependent on each other. Devices generate data and perform tasks while the application turns data into insight and decides on actions to be taken by the device.

Dependency Compute


The Challenge

The integrity and reliability of communications between devices and applications is mission critical. Without devices, application functions go unfulfilled. Absent the application, device data cannot turn into decision-support insight.

06 – A Web of Exposures

The deconstructed platform means that third-party applications have privileged access to IoTs operating on multiple customer networks, bypassing their network security. Their security is now dependent on the security of the third-party application provider.


The Challenge

Compromise of SaaS or remote third-party applications could easily lead to compromise of the many IoTs to which it has privileged access. The compromised IoTs can then be used to cross-contaminate other systems on the network.

07 – The Global Attack Surface

On a common network, each unique device is connected to different third-party applications. These applications in turn service many devices for many other customers. This tangled web of relationships diminishes the security of all parties to that of the weakest link!

Global Attack Surface


The Challenge

With the addition of every unique device and third-party application, the exposures are compounded, leading to indefensible complexity.

08 – Spanning Generations

With a lifespan of 8-20 years, devices outlive enterprise technologies by a factor of four or more.


The Challenge

Purpose-built devices have introduced a new logistics paradigm for operations, management, upgrade, repair, and security of these distributed platforms over a period spanning decades.

09 – There’s No Stopping This Train

Everything is now connect-capable, and below-the-radar introduction of new technology and cloud applications is so common that it has become muscle memory.

coffee-machine-iot


The Challenge

The rush to make mundane objects connected has led to operation technologies, like HVAC systems, building access, and even the coffee machine, to quietly seep into the network – creating many unknown back doors.

10 – IoT T T T T T T T T T T T T T T T T T T T T

The scale of IoTs has already dwarfed that of enterprise technologies. By sheer volume, these defenseless technologies are being actively used en masse to wage cyber war.


The Challenge

With their low cost, limited nature and the industry emphasis on function without viable security options, IoTs are especially vulnerable as points of compromise, as attack tools or both. Managing security on a platform experiencing explosive growth is especially challenging.

11 – Unbounded Consumption

IoTs are technologies that operate in-the-wild and are accessible to anyone local or remote. Moreover, as machine-to-machine communication becomes dominant, unrelated IoTs may be repeatedly engaged by misconfigured systems or poorly developed applications.

melting ice

The Challenge

Security is the most expensive compute resource. Aside from short-term effects, attackers can impact long-term IoT longevity by hastening a device’s power consumption through persistent attacks — forcing a decision to replace or abandon the IoT.