Verizon’s Multi-Layer Approach to IoT Security

K. Weldon
Summary Bullets:

• While there are many approaches to IoT security, consumers and businesses still have reasonable doubt – will carriers and vendors be able to sway public opinion?

• Service providers talk about the need to provide security at every layer – at end and edge devices, for data in transit through multiple networks, and to cloud services providers and applications. Verizon is well on its way to realizing this goal.

Every survey conducted by GlobalData on IoT (and every other one I have ever seen) over the past five years notes that the major barrier to adoption of IoT is still fear of the lack of end-to-end security and “the end” of data privacy. It doesn’t help that in-home devices such as cameras and voice assistants have already caused some famously embarrassing invasions of privacy. We are approaching a time when 5G-enabled low latency, high speed, and “massive” bandwidth availability may finally push IoT adoption towards the tens of billions of devices that have been predicted for years. But alongside this growth is a vision of billions of unprotected, unmanned devices in the field that not only are able to see and hear what humans say and use this data to sell products, but may also cause serious breaches to business and government systems that have already been weakened by malware and identity theft.

The ecosystem that provides solutions to IoT users is large and unwieldy, but operators, IT service providers, software vendors, enterprise network and infrastructure manufacturers, and security specialists all claim to have a set of products that aim or claim to fix this situation. Operators are often at the heart of IoT deployments because they provide many of the key building blocks of the solution. However, while their networks may be inherently secure, the rest of the solution, including IoT devices, third-party networks, cloud services with public or hybrid models, data storage and processing platforms, and application software, may not be. How can an operator go beyond its network domain to reassure customers that the data being collected and processed is safe and that billions of devices in the wild won’t ramp up security problems?

Verizon’s recent Mobile Security Index, an annual survey of enterprises on their mobile security practices and experiences, noted that 31% of respondents had suffered a compromise involving an IoT device over the last 12 months. Verizon’s approach is to provide security across the device, network and cloud services layers. Verizon sees the following capabilities as necessary to secure IoT end-to-end.

Device Security

• Life of device digital identity

• Secure boot

• Over the Air updates

• Ability to lock down physical ports

• Interoperable device security standards

Network Security

• Interoperable network security standards

• Virtual private networks

• Private IP

• Private IP Connection to public clouds

Cloud Services

• Authentication

• Authorization

• Configurable policies

• Physically secured resources

To accomplish this, Verizon has a portfolio of IoT security offerings encompassing the following products.

On-device solutions:

• SIM-Secure, a customer-controlled OTA solution which prevents unauthorized devices from accessing the network, prevents unintentional SIM re-use, and devalues stolen SIMs. It also reduces fraud and controls unwanted expenses caused by data overages.

• ThingSpace Service Operational Device Security (ODS), a Verizon-Mocana solution which provides remote policy/event management.

Network solutions (for data in transit):

• Wireless Private Network (for LTE Advanced and upcoming 5G)

• Secure Cloud Interconnect (to third-party cloud services providers)

• Verizon-hosted IoT Security Credentialing service

Cloud and Application layer Security:

• Verizon’s ThingSpace IoT platform controls API and portal access via authentication and provides monitoring and operational management via secure firmware updates and protocol upgrades.

• Verizon offers a Network Detection and Response solution, a threat management/intrusion detection service for both IoT and non-IoT customers.

Verizon also offers a ThingSpace services bundle that detects, protects against and responds to IoT threats with SIM-Secure and account alerts to prevent fraud; device location services to ensure a device fleet is where it should be; and diagnosis of network and device issues with the ability to patch devices in the field.

Adoption of these services among Verizon IoT customers is high, with, for example, about 80% of customers using private wireless networks. In another example, SIM-Secure is used by companies providing ride-share scooters that might otherwise be subject to SIM stealing.

While wary customers may still view security as an obstacle to deploying an IoT project, these kinds of solutions should help overcome many of their fears.

 
