subscribe: Daily Newsletter


Security is everything in IoT


The Internet of Things (IoT) is counted among emerging technologies that promise to transform the South African market.
While the opportunity for IoT is young in South Africa, its potential influence is far-reaching, writes Reshaad Sha, CEO of SqwidNet.
For example, in the mining industry, devices monitor air quality, seismic activity, shaft stability, equipment wear, and energy usage. In the logistics industry, sensors track and monitor vehicles and routes for efficiency and safety. The possibilities are endless.
With all of these benefits comes risk, as the increase in connected devices gives hackers and cyber criminals more entry points. A recent study by Ernst & Young in cooperation with Bitkom Research states that security concerns are the biggest obstacle in the industry when it comes to implementing IoT projects. This is not at all surprising; after all, the networking of machines involves highly sensitive data.
Adding more devices, sensors, and things to your network also has the potential to increase your attack surface. This is because the IoT is intimately linked to business-critical processes and because the IoT significantly broadens the surface of attack of business intelligence systems.
The launch of SqwidNet, an open-access IoT network operator in South Africa, is a welcome enabler in the country. SqwidNet provides listening posts for messages from various objects to store, manage, track, and operate communication signals for different purposes to connect the physical world and the digital world.
SqwidNet, based on Sigfox technology, addresses these security challenges through a systematic process. The communications between the base stations and the Sigfox cloud and the within the Sigfox cloud are secure, robust, trusted, and scalable.
SqwidNet and Sigfox’s focus on low-power, low-bandwidth communications makes network deployment fast, simple, and secure. Devices don’t actually stay connected to the Internet or any network, for that matter. They transmit signals without any session, handshaking, or waiting for a response between a network and the device.
Sigfox security features enabled through SqwidNet include the following:
* A signalling chip will only be active when it needs to send a message.
* A private key is used to send messages, and only a Sigfox platform understands the unique ID of the device.
* The network provides encryption from device to the Sigfox cloud.
* The cloud itself is protected by a firewall with restricted access.
* The protocol allows limited two-way communication within very specific communication windows.
* Extra security features of the protocol include anti-replay measures and strong encryption at multiple levels.
The downlink process of the SqwidNet network brings additional security robustness. When a device sends a signal, there is a small, 30-second window in which a response can be sent back to the device. If that window is missed, the response will have to wait for the next time a signal is sent from the device.
The fact that the objects choose when to communicate, at which frequency, and with a security key, offers multiple layers of protection against hackers sending them malicious commands.
How organisations embrace the IoT varies widely from industry to industry. What these industries and solutions have in common is the challenge of securely navigating the very complex technology involved in getting the insights that drive successful outcomes.
How secure is your network of choice? Great food for thought as we eagerly await solutions that will come with the growth of the South African IoT market, which is estimated to reach in excess of $2-billion by 2020 and is set to revolutionise all sectors, stimulating industry growth and economic development. Security is everything!