CharlotteODonnelly avatar image
CharlotteODonnelly posted

IoT World: When it Comes to IoT Security, the Stakes are High

Are you at IoT World this week? The CA Mobile API Gateway team is attending for the first time, and we are excited to share our perspective on IoT security and some of the ways we are delivering real value in the space. Make sure to stop by our booth for a live demonstration of how CA Mobile API Gateway powers secure end-to-end integration and real-time data flow between users, apps, and devices.

We View IoT as Security-First 

We?re approaching the problem of IoT security from a somewhat unique perspective. While you won?t see us showcasing an IoT ?product? ? sorry, no smart refrigerators or connected thermostats from our team ? our mobile-first, API management software serves as a key enabler for the Internet of Things.

How? Let?s consider the architecture on which real IoT use cases are built. Just like mobile, IoT achieves its value from connectivity and integration and is powered by APIs that transform physical experiences from devices and connected products in the field to digital experiences mapped out by data.

Take, for example, a freight truck hauling temperature-controlled cargo. In the truck are two products that need to be kept at different temperatures to maintain optimal product condition. Sensors in the truck generate continuous real-time data from the freezer about the cargo and it's current temperature. This data is published to a mobile app accessible by the driver that graphically displays real-time temperature conditions.

If these products are high-risk or high-value, it?s important to know not only the temperature readings but also to ensure the identity of both the cargo and the driver and provide end-to-end security for the system. CA Mobile API Gateway acts as a secure data processor protected by industry-leading security protocols like OAuth 2.0and OpenID Connect. The ?triangle of trust? is achieved as users, apps, and devices are integrated, authorized, and secured by the gateway, and verified on a continuous basis.

Without IoT Security, IoT Fails

Even a seemingly ?simple? IoT use case like this opens the enterprise to many points of failure or compromise. There?s the IoT hardware, the data it generates, any cloud storage or processing, and the mobile app that are all areas of vulnerability for attack if security is not adequate. Additionally, if the data is not generated, processed, and reviewed on a real-time basis, the system fails. While this may not be a significant risk for a few cartons of spoiled milk, think about shipping things like medical supplies or organ transplants. The stakes are much higher.

Our IoT World Mission

These are the kinds of problems that make IoT so exciting. It enables solutions that were not previously possible, but it is critical that these solutions perform. If you?ll be at IoT World this year, be sure to visit CA?s booth and speak to the Mobile API Gateway team to learn how we are tackling these IoT security challenges across industries as diverse as healthcare, banking, retail, and government.

10 |600

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.



CharlotteODonnelly contributed to this article