LAUNCH SECURE IOT SOLUTIONS WITH OUR IN-DEPTH EXPERTISE IN IOT SECURITY
With the convergence of the physical and computer worlds, IoT poses unique security, privacy and compliance challenges for your Connected Products and Smart Services business.
Your IoT solution must offer multilayer protection from the edge to the cloud, securing the device, the network and the cloud. This encompasses the secure provisioning of physical devices, secure connectivity and data transmission between them and the cloud, and secure data protection in the cloud during processing and storage.
Thinxtream possesses extensive expertise in diverse aspects of IoT security for your IoT solutions. We have built a comprehensive database of security best practices, checklists and test cases for design, coding, test, deployment and operation phases.
IoT security strategy is crucial for an IoT solution.
Connect with us today to build a comprehensive IoT security strategy.
IOT SECURITY PRACTICES
Thinxtream follows robust security practices in designing your IoT solutions. These practices are constantly reviewed and upgraded as new security threats emerge.
Provisioning IoT devices and IoT solutions with unique identities and credentials
Using cryptographic credentials and hardware protected stores like TPM and HSM for storing credentials
Implementing strong authentication and policies for access control
Creating trust boundaries and enforcing access control on all access from outside those boundaries
Identifying entry points which could lead to forging, spoofing and unauthorized escalation of privileges
Using encrypted channels for communication from IoT device to IoT cloud
Protecting confidentiality and integrity of short and long-range communication channels used for data, administration, and deployments
Building a CI/CD pipeline for streamlining security updates to devices and systems
Using version-controlled, digitally-signed and authenticated connections for deploying updates
Carrying out continuous risk assessment and mitigation, and automating security auditing and monitoring mechanisms
Monitoring device, network and backend servers for any unexpected behaviour
Maintaining and exercising an incident response plan for problem containment and recovery
Identifying key risks and mitigation plans for your system by preparing a threat model for the system
Minimizing the attack surface of the system
Removing unused interfaces, services, and devices to reduce the surface area, and regularly reviewing the attack surface for further minimization
Avoiding unnecessary data storage, access, and transmission
Stopping collection of unused data and adjusting the retention period
Transmitting data only to systems with strict security access controls
Monitoring vulnerability disclosure and threat intelligence sources
Staying tuned to vulnerability disclosures and attacks in the public domain, and assessing the risk to your system
Business, customer and device data must always be secure.
Connect with us today to build a secure IoT solution.
IOT SECURITY EXPERTISE
Thinxtream follows secure SDLC principles in all IoT projects. We use tools, both free and licensed, to gauge the security of your IoT solution. Our engineering teams write scripts for various security tools, execute the workflows, generate reports, and analyse the results. Our operations teams configure network and computing infrastructure – Firewalls, HTTP Proxies, Virus protection, OS patches, etc. – for mitigating security issues.
OWASP Top 10 IoT vulnerabilities, their risks and the mitigation techniques
Best practices from popular Secure Software Development Lifecycle processes – MS SDL (Microsoft Security Development Lifecycle), OWASP SAMM (Software Assurance Maturity Model), and NIST 800-64
Microsoft Threat Analysis and Modelling Tool to identify and mitigate potential security issues early during software development
Static code analysis tools such as Micro Focus® Fortify on Demand and VCG, for analysing code for standard vulnerabilities, and reporting threats and recommended fixes
Runtime penetration testing tools such as OWASP's 'ZAP Attack', to identify different attack surfaces from the configuration as well as by crawling and launching attacks by calling hyperlinks and APIs with standard and random inputs
Regular security bulletins are prepared and circulated with engineering to assess the risk of new vulnerabilities and attacks on solutions in development and operations
We leverage popular IoT cloud platforms such as Azure® IoT Hub and AWS® IoT to address these security challenges successfully with end-to-end, multi-layered protection.
AWS IOT SECURITY
Amazon Cognito®, a service for authentication and user management for web and mobile apps
AWS Identity and Access Management (IAM) to manage access to AWS services and resources securely
X.509 Certificate-based identity for devices
Secure TLS based communication between device and cloud
Amazon FreeRTOS®, AWS IoT Greengrass® OTA updates
IoT jobs mechanism to securely update the rest of the firmware
AWS IoT Device Defender® for continuously monitoring security compliance with best practices
Amazon CloudWatch® and AWS CloudTrail® logs, a centralized log store for AWS services and your application along with audit records
Amazon GuardDuty® to monitor malicious activity and unauthorized behavior
AWS Config® to assess, audit, and evaluate the configurations of your AWS resources
AWS security bulletins which notify customers of security and privacy events with AWS services
AZURE IOT HUB SECURITY
Azure® Active Directory (AAD) for user authentication and authorization
Azure IoT Hub identity registry for secure storage of device identities and security keys for a solution
In-device X.509 certificate and private key as a means to authenticate the device to the IoT Hub
TLS 1.2 based handshake and encryption of communication between the device and the cloud
Azure Security Center to eliminate threats with easy-to-follow steps ranked by importance and configuration suggestions to help you improve your overall security posture
Azure Sphere to get multiple layers of defense, continuous device monitoring, OTA update and the ability to return compromised devices to a safe state
Azure Sentinel to provide intelligent security analytics for your entire enterprise
IOT SECURITY WHITE PAPER
Securing data pertaining to Connected Devices and Smart Services is critical to protect your business, customer and device information from cyber-attacks. Read our Security in IoT White Paper to understand how AWS IoT and Azure IoT Hub platforms address secure provisioning of connected devices, secure connectivity between the connected devices and the cloud, and secure data processing and storage in the cloud.
Also read our IoT and Blockchain White Paper to see how Blockchain distributed ledger technology and public platforms such as Ethereum™ can be used to store records of transactions between connected devices in a secure manner, curtail fraud and enable the customer to enter into genuine transactions.
Thinxtream Technologies is a global software company with a portfolio of innovative software platforms, components, solutions, patents, competences and services for Internet of Things (IoT) across several industry verticals and applications, successfully enabling leading customers, including Fortune 500 companies, to meet their application, product and business goals.