Cloud enabled security
In the age of the Internet of Things (IoT) and IoT-enabled digital twins, the world is becoming more connected. Whether through outlets, lightbulbs, cars or baby monitors, the miniaturization of electronics has allowed consumers to experience that connectivity in everyday technology that has been integrated with sensors, antennae and processors that herald the new age of technological innovation. With billions of these devices expected to turn online over the next year alone, concerns about the security and privacy of the data harvested continue to rise. In fact, there was a record-high of 10.52 billion attacks in 2018 alone.
Many malicious attacks can be regarded as due to poor security hygiene, that is, protected by only factory-settings or with commonly used passwords, unencrypted databases, and/or unpatched systems. For example, last month it was identified in automotive giant Honda a server containing 134 million rows of employee systems data. There was no password on the database, allowing anyone to access and read the data. The data included which operating system a user was running, its unique network identifiers and IP address, the status of the endpoint protection and which patches were installed. That could allow an attacker to locate specific high-value employees and figure out which of their systems was at risk of certain vulnerabilities to tailor attacks using exploits known to target vulnerable devices.
Other attacks are getting more sophisticated, and as the numbers and types of connected devices grow, new opportunities for hackers to breach security are being discovered and exploited.
Cloud computing empowers a holistic approach to security, enabling end-to-end encryption. Cloud security allows for certificate-based authentication of all communication, which means unauthorized software can’t run on the IoT device until the cloud certifies it and renders it authorized. Moreover, analytics allow for predictive and preventative security hygiene since cloud security can provide insight into device and application failures and visibility into emerging security threats. Lastly, the cloud-based nature of security allows for constant automated updates for software so that new threats can be dealt with quickly before any vulnerability can become widely known.
André Godinho Luz
CEO Infinite Foundry