Placed on – 6 October 2022

IoT security: make sure your system has state-of-the-art defenses 

Keeping an IoT system secure is an ongoing task.

Internet of Things (IoT) security is not a one-off, but a set of active, regular, and ongoing actions and strategies that make a system constantly secure and protected. In that sense, understanding how your IoT solutions provider handles and approaches security is key to your peace of mind and the future of your system.  

At EVALAN, we prioritize security and therefore follow a security-by-design strategy. Because we view security holistically, we integrate multiple security policies at once. Our approach requires incorporating security from the initial stages, across the entire system and throughout its lifecycle.

“The security of IoT deployments depends on the protection of all its components.” 

Layers, layers and layers. 

To secure all the components that make up an IoT system, multiple layers of security need to be added to each of them. For us, this means building the IoT system from the ground up and avoiding bad practices such as bolt-on engineering, which builds on top of partially existing systems by adding software components to them.

Building with security in mind includes creating reliable and state-of-the-art defenses for: 

  1. Installed hardware.  
  2. The cloud environment. 
  3. And the way data is accessed.  

Security by design 

Our IoT devices have a secure element installed which provides them with individual encryption so that secure bi-directional communication can be established between the device and the cloud.  

The connection between our IoT devices and our cloud is based on identity certificates. This means that a device will only communicate with the cloud that it “knows and trusts”, and the cloud will only talk to a device once its identity has been verified and consent has been given. Furthermore, connections follow standards and best practices such as enforcing the latest protocols and encryption algorithms. To that effect, all communication in our system is encrypted.

“In essence, our design creates an immutable root of trust.”  

Secure updates 

The faster you can react, the more secure an IoT system is. For that reason, we run continuous testing and keep up to date with the latest security recommendations about cryptographic algorithms. In addition, with over-the-air (OTA) updating we can quickly replace any device's firmware, add extra protection, or switch devices to a newer and more secure encryption algorithm.

If, during our active monitoring of devices, we were to find that a device has been compromised, we would be able to shut it down by invalidating its certificate, which would prevent it from ever communicating with the cloud again. This means that one compromised device will not compromise others.
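The certificate-based connection and the certificate invalidation described above can be expressed as TLS settings on both ends. This is an added example, not EVALAN's code: the TLS 1.3 floor, the use of a certificate revocation list (CRL) as the invalidation mechanism, the file-path parameters and the `findings` helper are all assumptions.

```python
import ssl

FLOOR = ssl.TLSVersion.TLSv1_3  # assumed protocol floor; the page names no version

def cloud_context(ca_file=None, crl_file=None, cert=None, key=None):
    """Cloud side: accept only devices holding a valid, unrevoked fleet certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = FLOOR
    ctx.verify_mode = ssl.CERT_REQUIRED             # no device certificate, no session
    ctx.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF   # fails closed if no CRL is loaded
    for path in (ca_file, crl_file):                # PEM files: fleet CA and its CRL
        if path:
            ctx.load_verify_locations(cafile=path)
    if cert:
        ctx.load_cert_chain(cert, key)
    return ctx

def device_context(ca_file=None, cert=None, key=None):
    """Device side: trust only the private CA that issued the cloud certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)   # CERT_REQUIRED and hostname check on
    ctx.minimum_version = FLOOR
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)   # system trust store is never loaded
    if cert:
        # Stand-in: with a secure element the private key would not be a file.
        ctx.load_cert_chain(cert, key)
    return ctx

def findings(ctx, side):
    """List the ways a context falls short of the properties described above."""
    out = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        out.append("peer certificate not required")
    if ctx.minimum_version < FLOOR:
        out.append("protocol floor below TLS 1.3")
    if side == "cloud" and not ctx.verify_flags & ssl.VERIFY_CRL_CHECK_LEAF:
        out.append("revoked device certificates are not checked")
    if side == "device" and not ctx.check_hostname:
        out.append("cloud hostname not verified")
    return out

if __name__ == "__main__":
    weak = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)  # library defaults, for comparison
    print("defaults:", findings(weak, "cloud"))
    print("hardened:", findings(cloud_context(), "cloud"))
```

Because each device has its own certificate, adding one serial number to the CRL cuts off that device only; the rest of the fleet keeps connecting.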

“OTA updating enables future-ready IoT solutions.” 

Secure data access 

By design, access to data is separated into several layers. Any data is accessed through accounts, which control which objects a given user can access. On top of that, we have implemented role-based access control (RBAC) policies that allow us to fine-tune access based on specific functionality, specific users, and specific roles. This means that users will only be granted the set of permissions and functionalities that they need for their projects, thus limiting the attack surface should an account be compromised.
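The two layers described above (account scope first, role permissions second) can be sketched as a deny-by-default check, together with a function that lists what a compromised account could reach. This is an added example, not EVALAN's code; the account names, object names, roles and permission names are constructed for illustration.

```python
# Layer 1 (constructed data): which objects each account owns.
ACCOUNT_OBJECTS = {
    "acme-water": {"pump-01", "pump-02"},
    "acme-energy": {"meter-17"},
}

# Layer 2 (hypothetical roles): which functions each role may use.
ROLE_PERMISSIONS = {
    "viewer": {"read_data"},
    "operator": {"read_data", "send_command"},
    "admin": {"read_data", "send_command", "update_firmware"},
}

# Constructed users: name -> (account, role).
USERS = {
    "alice": ("acme-water", "viewer"),
    "bob": ("acme-water", "admin"),
    "carol": ("acme-energy", "operator"),
}

def authorize(user, obj, permission):
    """Allow only if BOTH layers agree; unknown users, accounts and roles get nothing."""
    account, role = USERS.get(user, (None, None))
    in_scope = obj in ACCOUNT_OBJECTS.get(account, set())          # layer 1
    allowed = permission in ROLE_PERMISSIONS.get(role, set())      # layer 2
    return in_scope and allowed

def blast_radius(user):
    """Every (object, permission) pair reachable if this user's account is taken over."""
    account, role = USERS.get(user, (None, None))
    return {
        (obj, perm)
        for obj in ACCOUNT_OBJECTS.get(account, set())
        for perm in ROLE_PERMISSIONS.get(role, set())
    }

if __name__ == "__main__":
    for name in USERS:
        print(name, sorted(blast_radius(name)))
```

Comparing `blast_radius` across users is a quick review aid: a viewer in one account exposes read access to that account's objects only, while an admin exposes every function on them.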

On the topic of data, our systems always consider the sensitivity of data (including double consent requirements for data about location, for example), and do not store or send personal information. The latter makes all our systems compliant with the General Data Protection Regulation (GDPR).

“EVALAN is the IoT partner that keeps dependencies up to date, follows best practices and encrypts everything possible.” 

For more information 

Send us an email at info@evalan.com
