GUEST POST: Examining IoT Security and Encryption

The following is a guest article written by Haider Iqbal, Segment Marketing for the IoT and On-Demand Connectivity at Gemalto

IoT Security lT69mH+xRxVTAAV…

…mSa7N7htOHGOpxAVe

No, this article did not get hacked; and the heading above is exactly what I meant it to be – encrypted! What you see is a half encrypted title. It’s quite likely you’re reading this article because you are interested in IoT, or specifically IoT Security. Which means my purpose is well served – I’ve revealed only the information in my heading that is most relevant for you, and encrypted everything else! Read on, and perhaps you can discover what the heading actually says.

There is no easy way to describe IoT Security, but encrypting the heading is one example. There are parts I want to reveal and parts I don’t. It’s the same for any enterprise implementing IoT solutions. Companies wish to restrict some information, while allowing access to other parts. As a result, they need a robust authentication system and encryption in place to properly protect their networksBut security for enterprises goes far beyond this small example. Should enterprises secure newly introduced devices (or endpoints)? Should they focus on securing the communication between devices; or the communication from the device to the cloud? As for the cloud, should enterprises think about cloud security as well? All these questions can be overwhelming for IT security managers (or more specialized IoT security managers) who are jumping into new projects to integrate innovative new devices into their enterprises’ existing ecosystems. A recent report by Gartner, Market Guide for IoT Security, captures the essence of these questions. Here’s a synopsis of the key findings from the report:

  • There are four key areas emerging as a focus for IoT Security: embedded trust, device identity and key/credential management, real time visibility and control, and professional services
  • The early adopters are learning quicker from their try-fast-fail-fast approach through proofs-of-concepts inside their organizations
  • Lower complexity of deploying IoT Security is one of the key criteria for identifying solutions to IoT threats

The task for implementing security for IoT solutions can be quite daunting. Where should one begin? From use cases like industrial goggles for remote support and training of machine operators to using new sensors for monitoring metrics on a certain production line, security is pivotal.

Enterprises, such as manufacturing companies, are beginning to understand that even at the phase of doing proofs-of-concept, security cannot be overlooked. But with the security challenges these new kind of devices introduce to the whole enterprise network, the IoT Security Managers have their hands full. Introducing a single industrial tablet or glasses, even if it’s for a proof-of-concept, introduces the network to new threats. Three challenges come up immediately: managing the identity of these new devices, addressing how they access the rest of the network, and ensuring that the communication to or from these devices is encrypted.

Digital security is becoming increasingly important, whether for governments, transport authorities, industrial OEM, consumer OEM, MNOs or banks. It’s critical to achieve the right balance between security and convenience, while securing the device, securing the cloud and successfully managing the lifecycle of security keys.

Regarding the heading at the top of this post, if you want to discover what it says,

  1. Visit the online decryption tool at: https://www.tools4noobs.com/online_tools/decrypt/,
  2. Cut and paste the encrypted message in the text box: “lT69mH+xRxVTAAVmSa7N7htOHGOpxAVe”
  3. Use encryption algorithm: “Des”, and the key: “HAIDER”

Isn’t that tricky!


Haider Iqbal, Segment Marketing for the IoT and On-Demand Connectivity at GemaltoThe above article was written by Haider Iqbal, Gemalto, Segment Marketing for the IoT, On-Demand Connectivity, and OEM. A tech enthusiast and generalist by nature, he loves finding synergies between different technologies, industries and business verticals.