Top 8 Security Design Principles for IoT Product Developers in the Private Sector
The Internet of Things (IoT) is defined as “a pervasive and ubiquitous network which enables monitoring and control of the physical environment by collecting, processing, and analyzing the data generated by sensor or smart objects”. Around the world we have seen the IoT play a key role in the global digital transformation; with that, however, has come the critical task of developing cyber security policies. Cyber security within IoT concerns all types of users, ranging from the consumer to governments and the private sector. Within the private sector, security may centre on assuring data integrity, whereas at the consumer level protecting personal information is most likely at the forefront.
The use of IoT within the private sector can cover several aspects, ranging “from e-governance that uses technology to improve services for citizens to environmental protection using sensors to monitor the bacterial levels of rivers and lakes”, for example. Private sector concerns for IoT security are likely much the same as those of enterprises, where vulnerabilities and threats could lead to compromises of privacy, but with particular scrutiny given to key areas such as:
- Meeting baseline security requirements for government through standardized processes
- Resilience against threats
- The duration of security support for IoT products and services
For IoT product developers there are a number of security design principles and solutions that help secure the tools and technology used by consumers, enterprises and the private sector, including government. IoT product development ranges from “developing components of the solution from scratch, integrate off-the-shelf or open-source components, or adopt preconfigured solutions with minor adaptations.” Microsoft recommends three practices to secure IoT solutions, whether product developers are part of an in-house team or a system integrator who specializes in this activity:
- Follow a secure software development methodology: developing secure software requires end-to-end thinking about security, including the choice of platform, language, tools, implementation, testing, and development
- Choose open-source software judiciously: when choosing open-source software, product developers need to consider the activity level of the community behind each and every component of the software. It is recommended to go with an established community that supports the component and is responsive in addressing vulnerabilities and other issues
- Integrate with care: checking for security flaws and vulnerabilities at all levels of the interface – even ones that may not be required for the current deployment – is crucial.
As you can see, security needs to be at the forefront of IoT product design and implementation. Below we discuss 8 security design principles that product developers should apply.
Security vs. Convenience
It is natural to look for a balance between security and convenience; however, when it comes to IoT products, the last thing product developers should do during the design process is compromise on security for the sake of convenience. During the design process, security testing should be performed at the highest possible level.
IoT systems, software and products should take advantage of automated tests to perform complex and tedious operations. Humans can do this work, but manual tests are time consuming. Using automated tests allows every publicly known bug to be tested for on every device.
Prepare for the worst
There will be downtime – this is guaranteed during product development. Ensure that security countermeasures are never degraded in the absence of connectivity.
Everything must be encrypted
Encrypting data is good, but IoT products need to do better. Encryption is not absolute, so product developers need to carefully scrutinize and assess the product to ensure that encryption is applied uniformly and appropriately. Mistakes are easily made when applying encryption, such as failing to validate intermediate certificates, failing to encrypt traffic with a strong key, using a uniform seed, or exposing a private key. These mistakes make leaking data easy for attackers. A thorough review of every encryption capability must be applied throughout the design process.
Penetration testing needs to be performed with every code and configuration change. All components of an IoT product should be stripped down to the absolute minimum viable feature set to reduce the attack surface. Anything that is not used, such as ports and protocols, has to be disabled, while unnecessary supporting software should be uninstalled or turned off. Any line of code provided by a third party needs to be audited.
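The encryption mistakes listed above can be caught with a review check on the TLS configuration the product ships with. The following is an added example (not from the original article): it audits a Python `ssl` client context for the three configuration mistakes a reviewer would look for first, builds a hardened context beside a deliberately weak one for comparison, and draws per-device key material from the OS CSPRNG rather than a shared seed. The function names are ours; the private-PKI path in the comment is a placeholder.

```python
import secrets
import ssl


def audit_tls_context(ctx: ssl.SSLContext) -> list:
    """Return a list of findings for a client-side TLS context.

    Each finding corresponds to a mistake that lets an attacker read or
    tamper with traffic the product believes is encrypted.
    """
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append("peer certificate chain is not validated (verify_mode is CERT_NONE)")
    if not ctx.check_hostname:
        findings.append("hostname is not matched against the presented certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor is below TLS 1.2")
    return findings


def hardened_client_context() -> ssl.SSLContext:
    """Context a reviewer would expect to see on a device talking to the cloud."""
    # create_default_context loads the system trust store, requires a
    # verified chain (CERT_REQUIRED) and enables hostname checking.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # For a private PKI, pin the product's own root instead of the system store:
    #   ctx.load_verify_locations(cafile="<path-to-root-ca.pem>")  # placeholder path
    # and make sure the server presents its intermediate certificates, so the
    # chain can actually be validated up to that root.
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """Misconfiguration seen in firmware that 'just needs to connect'."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode can be lowered
    ctx.verify_mode = ssl.CERT_NONE  # any certificate, including a forged one, is accepted
    return ctx


def per_device_secret(nbytes: int = 32) -> bytes:
    """Key material must come from the OS CSPRNG, never from a seed shared by all units."""
    return secrets.token_bytes(nbytes)
```

Running `audit_tls_context` over every context the firmware constructs (and over the config of each third-party component) turns the review above into a repeatable, automated test.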
Data in aggregate is unpredictable
Closely monitor all data that is collected and have checks in place to oversee what is done with the data and how it can be read. Complex data analysis can often shine a light on sensitive patterns and hidden information.
Plan for the worst
As IoT products more often than not have multiple nodes, issues in communication will occur. Be sure to have a response system in place in the event of a compromise, hostile participants and/or malware. Features to re-issue credentials, exclude participants, and distribute security patches and updates should also be in place before they are needed.
Design with multi-factor authentication for APIs
Security controls need to be the same across all interfaces in the ecosystem. Attackers target the weakest component to exploit a vulnerability, so be sure not to give them one. Mobile interfaces, hidden APIs, etc., have to enforce the same security as the more robust or feature-rich interfaces. Essentially, using multi-factor authentication for a web interface is useless if a mobile application allows access to the same APIs with a four-digit PIN.
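The two principles above ("Plan for the worst" and uniform authentication across interfaces) come together in the API gateway. As an added example, not code from the original article, the following gateway keys its authentication policy by endpoint rather than by client channel, so a mobile session holding only a PIN is refused the same operation a web session must complete MFA for, and it carries the revoke and re-issue features the "Plan for the worst" section asks for. Endpoint names, factor names and the device identifier are constructed for the example.

```python
import hmac
import secrets
from dataclasses import dataclass

# Required factors per operation. The table is keyed by the endpoint only;
# the client channel never appears, so no interface can negotiate a weaker check.
ENDPOINT_POLICY = {
    "/status": {"password"},
    "/unlock": {"password", "otp"},   # sensitive action: MFA on every channel
}


@dataclass(frozen=True)
class Session:
    device_id: str        # constructed sample id, e.g. "lock-01"
    channel: str          # "web", "mobile", ... informational only
    factors: frozenset    # factors the session actually verified ("pin" is not "password")
    credential: bytes     # credential presented with the request


class Gateway:
    def __init__(self):
        self._credentials = {}   # device_id -> currently valid credential
        self._revoked = set()    # excluded participants

    def enroll(self, device_id: str) -> bytes:
        cred = secrets.token_bytes(32)   # per-device, from the OS CSPRNG
        self._credentials[device_id] = cred
        return cred

    def revoke(self, device_id: str) -> None:
        """Exclude a compromised or hostile participant immediately."""
        self._revoked.add(device_id)
        self._credentials.pop(device_id, None)

    def reissue(self, device_id: str) -> bytes:
        """Re-admit a device with a fresh credential; the old one stays invalid."""
        self._revoked.discard(device_id)
        return self.enroll(device_id)

    def authorize(self, session: Session, endpoint: str) -> tuple:
        required = ENDPOINT_POLICY.get(endpoint)
        if required is None:
            return False, "unknown endpoint"
        if session.device_id in self._revoked:
            return False, "device revoked"
        current = self._credentials.get(session.device_id)
        if current is None or not hmac.compare_digest(current, session.credential):
            return False, "bad credential"
        missing = required - session.factors
        if missing:
            return False, f"missing factors: {sorted(missing)}"
        return True, "ok"
```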