Building an enterprise Internet of Things (IoT) system must start with reviewing and strengthening your current IT security to prepare for potential additional risk exposure. Next, understanding the security posture of the connected devices being added to the network determines which smarter edge architectural components, such as IoT gateways, are needed to establish and defend functional integrity and to protect against the risks posed by less capable connected sensors and legacy equipment. This session will discuss the unique security risks in IoT ecosystems and the strategies and tools for addressing them.
2. 2
Dell - Internal Use - Confidential
Malware spawns botnet in 25,000 connected CCTV cameras
Krebs site becomes target of a massive DDoS attack; 620 Gbps of traffic from IoT botnets
The need for security in IoT is real, but don’t be paralyzed.
3. 3
Edge, Cloud, Fog
Security, Manageability, Analytics
The IoT Requires Architecting from Edge to Cloud
4. 4
Edge, Cloud, Fog
Device Gateway Data Access Monitoring
Key IoT Security Concerns
5. 5
Onboarding & Provisioning
Authentication
Data Integrity & Confidentiality
Behavior Analytics
Device Considerations
6. 6
[Diagram: onboarding flow with numbered steps 1 to 4]
• Silicon Providers - EPID SDK for identity & attestation
• OEM/ODMs - board and gateways - integrate TB client software into their boot code
• CSPs - integrate TB API into their IoT Platform
• TB Service - brokering service from Intel
Diagram labels: Device; TEE; EPID SDK; TB Client; IoT Platform Management Service; Mgr Agent; MP Service; TB SDK/API; Platform Registration Service; Platform Manager Service; Intel Trust Broker Service; Ownership Proxy; Supplier; New Owner
Flow labels: Identification; Initial Device Identification (EPID Attestation); Take Ownership; Device Securely Onboarded > Under Normal Platform Control
Secure and Trusted Onboarding
7. 7
Threat Intelligence
Best Practices, System Hardening
Secure Boot / Execution
Secure Credential Storage
Gateway Considerations
8. 8
Authentication and Authorization
• Inbound/outbound connections
• Using industry standards (e.g. OAuth)
Data Integrity
• Integrity and provenance
• End to end data protection
Secure Credential Management
• Keys & Credentials
• Access Tokens
Secure Access
9. 9
Security Monitoring
Global Visibility
• Monitoring gateways & attached devices
• Monitoring inbound and outbound connections
Alerting and Reporting
Operational Security and Forensics
• Integration of IT and OT practices
• Understanding of unique OT protocols
[Diagram labels: Information Technology; Operational Technology; DMZ; Convergence]
10. 10
Maintenance and Update
Secure Maintenance Access
• Multifactor authentication
• Permission based access
Secure Software Update
• Over-the-Air (OTA) and Over-the-Network (OTN) updates
• Trusted code
11. 11
“Security Usability”
• Balance “instant gratification” with locking systems down
• Address needs of all stakeholders (e.g. IT, OT, Technicians)
Limit your attack surface
• Employ different architectural models
• Leverage tools to separate areas of concern and vulnerability
Meta Considerations
12. 12
Security will be a key success factor in IoT deployments
Right-size security implementations for different use cases
Leverage trusted advisors who:
• Understand / take a holistic view
• Offer a layered approach
• Have an ecosystem of partners to fill gaps
Conclusions
13. 13
Dell Technologies practical approach reduces risk and complexity and drives faster ROI
Curated technology and services partner program
Industry’s broadest infrastructure portfolio
Proven use-case specific solution blueprints
14. 14
Project Financing Options
$4B of hardware financed yearly
Global Scale and Support
165+ countries supported with 2200 service centers
Trusted Brand
Brought you the world’s most secure notebook
Run mission critical OT applications
In 98% of Fortune 500 companies
The Dell Technologies difference
15. 15
IoT Industry Leadership & Recognition
Multiple BEST product design awards
Recognized for market leadership
50+ Partners in IoT Partner Program
TBR Reference: Top20 IoT Enterprise Market Leader (CRNbyTBR)
16. 16
Next Steps
MT81 - Keys to Successful Enterprise Internet of Things Initiatives
MT82 - Internet of Things Security Starts at the Edge
MT83 - IoT Analytics from the Edge to the Core
MT84 - Innovations in IIoT and Smart Manufacturing
MT85 - Challenges at the Edge: Dell Edge Gateways
HOL11 - Hands-on-Lab: Build an Internet of Things System
Attend other IoT sessions
Visit the IoT solution showcase for live, interactive demos
• Factory optimization
• Energy Management
• Remote asset management
Connect with us
• dell.com/IoT
• Twitter @delloem
• LinkedIn:
• GE Minds + Machines
• Predictive maintenance
• Smart Infrastructure
• Supply chain management