Embedded & Cloud Security in the Internet of Things in 2018


​​​​​​​​​​​​​​​​​​​​​​​​​​​Gemalto’s IoT Security solutions are driving innovation so that we can all realise the benefits of a totally connected world.

There are many ways an attacker can access features or data on a connected device. The three main target hacking points are:

  1. the device,
  2. the cloud infrastructure,
  3. the network.​
Let's dig in.

IoT security consulting and certification services:Security Lifecycle Management, Secure the Device, Secure the cloud

IoT security to protect data

The Internet of Things​ (IoT) impact the way we interact with the world around us. Billions of "things"​ are talking to each other – from TVs, fridges and cars to smart meters, health monitors and wearables. 

As Gartner forecast 20 billion connected things by 2020​, wireless networks, computing power and data moving around are increasing. This opens up exciting new business opportunities and a trail for economic growth. But it also opens the door to a variety of new security threats. ​ 

IoT Security is key to gain and retain consumer trust on privacy and to fullfill the full potential of the IoT promise. Recognized as global leader in digital security​, Gemalto is uniquely positioned to provide leading edge IoT security solutions and services to protect your connected objects, from the design and manufacturing stages, through their e​ntire lifecycle, guarding data against malevolent attacks.   

Gemalto sees three essential pillars to secure the IoT data at rest and in motion:

1. Securin​g the Device​

Gemalto’s embedded software and hardware solutions for consumer electronics and M2M help Original Equipment Manufacturers (OEMs) and Mobile Network Operators (MNOs) overcome security challenges:

  • M2M-optimised SIM​ and embedded SIM (eUICC)​: both tamper-resistant environments represent a strong authentication token for cellular applications. They encrypt and authenticate data and securely identify devices on global mobile networks​.
  • Cinterion Secure Element​: the hardware component, embedded in devices, provides the maximum level of protection at the edge, for the most critical IoT applications. Its tamper-proof environment works as a ´safe´ for secure storage of encryption keys and security credentials. Embedded cryptographic tools ensure high personalization to the IoT object, giving it a strong identity and solid device authentication on networks.
  • SafeNet Ha​rdware Security Modules (HSMs): HSMs excel in safeguarding the most sensitive IoT devices´ keys which are centrally stored (on servers or other systems). The hardened, tamper-resistant environment act as a trust anchor to protect the cryptographic infrastructure of some of the most security-conscious organizations in the world.  
  • Trusted Key Manager​​: the new solution authenticates IoT devices and secures data exchanges on both cellular and non-cellular networks, such as LoRa​, preventing unauthorized devices and IoT players from joining the network. ​It enables strong digital security through a simple and trustful mechanism of secure key​​ provisioning, remote cr​edential activation and lifecycle management.​
  • IP​​​ Protection: we protect the intellectual property of embedded software applications and data files, preventing reverse engineering or tampering 

2. Securing the Clo​​ud

Some major forms of threat come from the enterprise or cloud environment that smart devices are connected to. Gemalto solutions for data encryption and cloud security provide a comprehensive portfolio for cloud service providers and enterprises to secure their enterprise and cloud assets. Our cloud-b​ased licensing and entitlement​ solution ​helps technology companies leverage the full potential of the cloud environment, ensuring their intellectual property is secured.

3. IoT Security Lifecycle Management

Often overlooked, managing the lifecycle of security components across the device and cloud spectrum is a critical element for a robust and long-term digital security strategy. Security is not a one-off activity, but an evolving part of the IoT ecosystem.

Adding new devices, end-of-life device decommissioning, device integration with a new cloud ecosystem, managing secure firmware/software downloads - all these activities necessitate comprehensive management of identities, keys and tokens. Gemalto provides solutions to build a sustainable security lifecycle management infrastructure, to address current and future security threats:

Leave the complexity to us!

Embracing the IoT requires a new way of thinking about how industrial systems are designed and used. Security by design - building security into products from the ground up - is imperative to ensure devices are shielded from attacks as much as possible, from the core to the edge, and through their entire lifecycle. 

Working out which solutions are right for you might seem like a gargantuan task. Our IoT Security team is here to help you every step of the way to ensure you get the right combination of reliable, future-proof, and scalable security solutions, adapted to your business:

  • ​​​​​IoT Security Consulting Services: whether designing a new IoT solution or evaluating an existing connected device, Gemalto help enterprises identify, analyze and mitigate risk by designing end-to-end security architectures that safeguard assets and data. We provide thorough penetration testing of devices and systems including reverse engineering and physical and logical manipulation to ensure appropriate security solutions are in place.


Last updated:

 Documents

  • The State of IoT Security – Global Survey Report

    Gemalto partnered with market research group Vanson Bourne on a new global survey exploring the state of IoT security. The survey report goes through the key learnings and how IoT players perceive the risk and challenges of securing the IoT ecosystem.

    Download the report
  • GSMA Webinar - Securing the future of the IoT

    In this webinar, we discuss the security challenges within the IoT and why security guidelines are so important. You will hear mobile operators and their partners discuss their role in securing the IoT - covering endpoint devices, service platforms and the mobile networks themselves. Loic Bonvarlet, IoT Product Marketing Director at Gemalto, specifically discusses the role of Gemalto in securing the IoT and building an end-to-end security architecture.

    Listen to the webinar
  • Define your security model for your IoT solution

    Securing the IoT – Build a foundation of trust

    In this webinar, you will hear about Gemalto´s approach to securing the IoT and the process to build a solid foundation of trust for your IoT developments. We guide you through the robust and remote solutions that can create a sustainable security lifecycle management infrastructure.

    Watch the webinar
  • Trust is Everything

    The Gemalto Pocket Guide to Securing the Industrial Internet of Things

    In an age where everything is connected and cyberattacks are inevitable, trust is essential. Gemalto delivers the solutions, services and platforms that protect Machine-to-Machine (M2M) and Internet of Things (IoT) applications from the edge to the core.

    Download the guide
  • A Safer Internet of Things

    Gemalto’s Guide To Making the Internet of Things A Safe Place To Connect

    Download the eBook