Read: TBI Adds Privafy Cloud-Based Security-as-a-Service
Securing IoT devices isn’t a small job, but it has some very small limitations when it comes to size and power consumption.
IoT device manufacturers are challenged to provide device security for data-in-motion at scale, particularly with micro-sized devices. Privafy’s IoT security solutions are just the right fit for IoT device manufacturers who want built-in security that is built just for the IoT environment.
Click the image to enlarge
A better approach to traditional security
IoT networks typically use a traditional encryption approach to secure the data transmitted in the network. MQTT and SSL/TLS encryption vulnerabilities, however, have been well documented through high-profile breaches. Additionally, when securing the IoT hubs or data centers, traditional firewall solutions are not integrated with the IoT devices in the network. This fragmented security solution results in allowing cyber criminals to gain access to the network, steal sensitive information, and even gain control of the IoT devices.
End-to-end visibility and control
Privafy IoT solutions ensure that any IoT network in the world can be secured comprehensively and seamlessly. Since the solution spans all the way from the IoT device to the hub/data center, IoT operators have complete, end-to-end visibility and control of the data traffic.
Privafy MicroEdge seamlessly integrates into any IoT device or the semiconductor chip used in the device. The MicroEdge software is lightweight and designed to be customized with any type of IoT architecture. The ability to be integrated at the semiconductor chip level provides a secure hardware root-of-trust that follows the zero-trust network (ZTN) approach.
Privafy CloudEdge can be deployed in the IoT hub/data center to provide a full-stack security solution. Together with MicroEdge, it establishes a peer-to-peer encrypted connection that secures all data traffic flowing between the two edges. The hubs/data centers are protected from any incoming cyber attack, while outgoing traffic is safeguarded from going to any malicious destination.
Privafy AppEdge can be integrated or embedded with the IoT application on the user’s device (e.g., smartphone, tablet, laptop) to allow the user to securely connect to the IoT device or the hub/datacenter from a remote, unsecured network. This is critical, as an unauthorized user who obtained valid credentials could otherwise gain access to IoT service accounts.
The Privafy Cloud Service manages the automatic key rotation and establishes a secure root-of-trust with any new device once MicroEdge is activated. This provides scalability for rolling out large numbers of IoT devices globally yet securely. It also manages the edges to keep the security policies and software patches updated. Using the PrivafyCentral dashboard, IoT vendors can apply policies as per their requirements and gain deeper visibility into the network. PrivafyCentral’s API-driven interface allows vendors to integrate dashboard information with their existing SIEM and SOAR systems for ease of managing large networks.