Is it impossible to securely manage the billions of ‘Things’ in the IoT ecosystem? - IoT global network

Blogs

Is it impossible to securely manage the billions of ‘Things’ in the IoT ecosystem?

April 25, 2019

Posted by: Anasia D'mello

Gil Bernabeu of GlobalPlatform

In our brave, new, connected world, we’re witnessing a seismic shift in the role that devices are playing across all aspects of life, says Gil Bernabeu, technical director, GlobalPlatform.

The rapid growth of the Internet of Things (IoT) means that today billions of devices – from everyday household appliances to specialist manufacturing machines – can be connected to the internet and communicate sensitive data and information. By 2020, it is estimated there could be up to 50 billion connected devices across the world. That’s almost ten times the number of people who use the internet today.

With that in mind, it’s no surprise that service providers and edge device manufacturers are keen to capitalise on the seemingly endless opportunities IoT presents. As the market expands, however, the emergence of new players, along with different proprietary hardware and software solutions, are bringing complexities which threaten to undermine a successful future for secure digital IoT services. Managing, protecting and securing the billions of devices, data, networks and services in this ever-expanding ecosystem can seem like an impossible challenge.

Aside from smartphones, where an end-user can participate in the device management, many types of IoT devices rely exclusively on remote device management for updates and upgrades related to software, repairs or security measures, for example. This is no small undertaking given the sheer scale of the ecosystem.

Any one of the billions of devices connected to a network, no matter how small, could be a target for hackers looking for a vulnerable path to a network or as part of a more widespread attack on a particular device type or channel. Yet some in the IoT space are not taking the risks associated with insecure devices seriously enough.

In fact, many device manufacturers still remain unaware, or are dismissive, of the essential security requirements necessary to deliver safe and secure digital services, as demonstrated by several high-profile hacks and data breaches in recent years. As the number and nature of use cases grow, so too do the risks. As a result there is an immediate need for a foundational, standardised solution for securing and managing IoT devices and services.

Of course, IoT security requirements should not restrict innovation and time to market. For digital IoT services to be a success, all stakeholders in the ecosystem need to have their unique sets of needs met to allow them to deliver competitive products and services.

Service providers need to trust that their service and its data will be protected and updatable regardless of the device hardware or operating system (OS). IoT device makers need to support a range of device OSs, securely connect to multiple cloud platform providers and offer the required level of security to service providers. Cloud platform providers need to securely enrol many device types, running a wide range of different secure services.

This is where GlobalPlatform technology plays a key role. Our specifications, configurations and frameworks provide a way for all IoT stakeholders to efficiently deliver innovative digital services, while providing greater security, privacy, simplicity and convenience for users. At the highest level, GlobalPlatform offers:

GlobalPlatform’s Device Trust Architecture (DTA) framework pulls these initiatives together to empower all stakeholders in the value chain to seamlessly deliver, and securely manage, digital services and devices.

As a result, GlobalPlatform facilitates collaboration between service providers and device manufacturers on technical and strategic interests, offering a simple, low-cost and ultimately secure route to market for IoT services.

For further information visit GlobalPlatform.

Comment on this article below or via Twitter @IoTGN