Security is often forgotten in IoT projects

For research projects and in IoT standards, security is an integrated part from the very beginning. However, many IoT projects within manufacturing companies starts in a “small scale” focusing on digitizing and launching pilots, without fully considering security. “If you do not consider safety from the outset, there may be a lot of unwanted consequences. IoT security is both easy and simple to get if you plan for it at the start of a project, “says Daniel Hjort, responsible for Smart ID at identity and security company, Nexus Group.

IoT (Internet of Things) has had a huge impact during the last years. Almost all devices are becoming connected in a network of smart systems. Everyone sees great opportunities to increase sales, reduce costs and streamline business with IoT, and there are many easy and available platforms to encode and develop the technology. By collecting, analyzing and acting on data, companies can save money, simplify the customer experience, reduce environmental impact and streamline their business. “It’s exciting to see how locations can be safer with, for example, camera surveillance, but it’s also worrying when you realize that the devices are usually only protected with a password”, says Hjort.

You test without thinking scalability and logistics

Manufacturers and the security industry see the enormous opportunities that IoT creates. A car company could launch next-generation connected cars, but safety would be lagging behind. They may want to test with one car model or choose a security service based on public key infrastructure (PKI) technology, but they soon realize that it is neither scalable, nor does it work in today’s global manufacturing and logistics process. “We see increased interest in the automotive industry, such as using IoT-PKI for Car2X, and Nexus software is a smart choice for both resolving security requirements and a cost-effective manufacturing process. We also help telecom companies with IoT interoperability, and we are already working with one of the world’s largest train brake manufacturers for safe identification and communication with the brakes on a train”, says Hjort.

The research projects provide enormous opportunity

Nexus is involved in several research projects: CEBOT, Secure IoT and Secredas. These projects aim to issue identities to resource-limited IoT devices, such as battery-powered sensors. It is ensured in each research and development step that all safety aspects are well taken care of. Research leads to great opportunities in platforms, protocols and standards where security already exists, but the security link must be included from the start of the development projects, otherwise it will be forgotten. “It’s crucial to understand the security challenges that exist, now when so many IoT projects are under way. Security should be included from the very beginning, and it must also be easy to include a high level of security. For example, usernames and passwords are no longer a viable solution. In this process, it is important to both protect users as well as corporate security”, says Daniel Hjort.