IoT Slam 2020
The event marked the IoT Community’s twelfth international IoT Slam conference. The conference provides the global IoT ecosystem with an exciting platform to engage with expert practitioners, and to learn about best practices for enterprises developing and shaping the IoT landscape. ZARIOT’s Stuart Mitchell was a speaker at IoT Slam 2020 and discussed how a Zero Trust security approach can be applied to cellular IoT deployments to minimise access and maximise protection.
Using Zero Trust to Protect Cellular IoT Devices
More than ever we need the Internet of Things to drive reliable and secure automated means of production, monitoring and control when facing up to the challenges of environmental concerns and a global pandemic. Ensuring supply chains can scale to adapt to massive peaks of demand while production can be made more efficient and create less waste is good for the health of our economy and planet while ensuring the air we breathe and the water we drink is clean and the driver-less cars are safe are vital for the safety of our population.
Cellular IoT is the best way to connect remote sensors and moving assets, however there are still major security vulnerabilities in that ecosystem which might allow ‘bad actors’ to snoop, intercept or even disable connectivity entirely. What can we learn from the developments in enterprise IT security to ensure we only provide fit-for-purpose connectivity for the Internet of Things of the future?
ZARIOT from its inception has been laser-focused on security and is working to become the world’s first Zero Trust cellular connectivity solution. Looking at the “6 Ws” (Who, What, When, Where, Why and How) of connecting devices to a mobile network we will examine how existing techniques can be used to ensure SIMs can be fully protected from compromise. What techniques can be used to protect SIMs deployed in remote environments to ensure compromise of physical security doesn’t lead to fraud and excessive charges? What vulnerabilities are inherent on the mobile network infrastructure itself, what are the risks and how can they be mitigated? And how and when should the public Internet be used to carry critical and sensitive data for analysis and storage?
This session will take the form of an interactive presentation, targeting stakeholders of the IoT community who have not yet fully considered IoT security from the perspective of connectivity. This includes device manufacturers, solutions providers, systems integrators, and security consultants. The intended outcome is that the audience understand that cellular connectivity is itself an attack vector which must be protected, and additional security capability can be added to both SIMs and the network layer, thereby reducing barriers to IoT adoption in projects where security is paramount. This level of security may be a turning point for adoption into projects such as voting machines and mission-critical devices such as autonomous vehicles and drones.