IoT platform security
Cybersecurity - a must for IoT platforms
IT security is increasingly becoming a key factor for digitalization and especially for Industry 4.0. IoT platforms developed according to the security-by-design principle offer the necessary security.
By Raphael Vallazza
IoT platforms provide the basis for digital business models and are an essential component of Industry 4.0. They offer the technical infrastructure to collect, collate and analyze data from networked devices. Nevertheless, many companies still view the use of IoT platforms critically. In a survey conducted by the industry association Bitkom, 18.9% of companies were clearly against the use of IoT platforms. Concerns about data security and data integrity ranked first among the reasons for this at 57.7%. No wonder, because according to Bitkom, the industry has suffered losses of 43.3 billion euros in the past two years due to espionage, data theft or sabotage.
What functions must IoT platforms have to protect the security of data and systems? Here are the most important requirements:
Secure networking
Network segmentation: The concepts of Industry 4.0 and "Bring your own device" (BYOD) mean that the number of connected devices within a network is constantly increasing. Hackers are taking advantage of this trend and are increasingly developing malware that can quickly spread from one system to the next. In addition, companies still design their security concepts against external threats. Once an attacker has overcome this hurdle, they can spread throughout the network undisturbed. Network segmentation offers an opportunity to slow down or even stop cyber attacks. This involves defining areas within the company network with comparable protection requirements and separating them from each other using IoT security gateways.
Securely connect machines, users and devices: Machines and systems can be connected to the higher-level IoT platform via a gateway. The gateways are able to read different protocols, such as S7, OPC UA or Modbus, and convert them into a standardized protocol for transmission to the platform. However, the gateway not only provides the connection, but also makes a significant contribution to increasing IT security. A gateway such as the Endian 4i Edge 515, for example, combines several security features, including anti-virus software, an intrusion prevention system (IPS) and a firewall. So that companies remain flexible, a gateway should never limit the choice of IoT platforms.
Data security and authorization management
Data security through encryption and on-premises operation: End-to-end VPN encryption, i.e. from the machine to the higher-level IoT platform, ensures maximum data security. This prevents data from being stolen or manipulated during transmission. Here too, it is advisable to connect gateways upstream of the infrastructure. This allows encryption to be implemented quickly without interrupting ongoing operations.
Although the current trend is clearly moving towards cloud applications, fully functional IoT platforms are also available as on-premises solutions. This means that the user company operates the platform in its own data center or on rented servers in the data center of its choice.
Multi-client capability: This term, also known as multi-tenancy, refers to the ability to logically separate and manage data in a database. Each user of the platform only has access to the data that is relevant to their task. This ensures maximum data security despite the single-platform architecture. The multi-client capability of the IoT platform used is an important prerequisite for the development of digital business models.
Authorization management: Granular authorization management increases the security of connected machines and systems. Individual users or user groups are only granted access to the functions for which they have previously received authorization. If a user leaves the company or changes department, their authorizations can be easily adjusted or deleted. By logging all access, it is always possible to trace who was logged in to a machine and when, and what actions they carried out there.
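The multi-client separation and authorization management described above, as an added Python example that is not part of the original article or of any product it names. The tenant, group, user, machine and function names are constructed for illustration; the check denies by default, logs every attempt, and removes all rights when a user leaves.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class Platform:
    grants: dict = field(default_factory=dict)    # group -> {(tenant, function)}
    members: dict = field(default_factory=dict)   # user -> {group}
    machines: dict = field(default_factory=dict)  # machine -> owning tenant
    audit: list = field(default_factory=list)     # append-only access log

    def allow(self, group, tenant, function):
        """Grant one function, scoped to one tenant, to a user group."""
        self.grants.setdefault(group, set()).add((tenant, function))

    def authorize(self, user, machine, function):
        """Deny by default and log every attempt, allowed or not."""
        tenant = self.machines.get(machine)
        allowed = tenant is not None and any(
            (tenant, function) in self.grants.get(group, set())
            for group in self.members.get(user, set()))
        self.audit.append({"time": datetime.now(timezone.utc).isoformat(),
                           "user": user, "machine": machine,
                           "function": function, "allowed": allowed})
        return allowed

    def offboard(self, user):
        """User leaves the company: drop every group membership at once."""
        self.members.pop(user, None)

    def trail(self, machine):
        """Who tried what on this machine, in order (timestamps are in audit)."""
        return [(e["user"], e["function"], e["allowed"])
                for e in self.audit if e["machine"] == machine]

def demo():
    # Constructed sample data: two tenants sharing one platform instance.
    p = Platform()
    p.machines = {"press-01": "tenant-a", "mill-07": "tenant-b"}
    p.allow("a-maintenance", "tenant-a", "remote_access")
    p.allow("a-operators", "tenant-a", "read_telemetry")
    p.members = {"alice": {"a-maintenance"}, "bob": {"a-operators"}}
    results = [
        p.authorize("alice", "press-01", "remote_access"),  # granted via group
        p.authorize("bob", "press-01", "remote_access"),    # function not granted
        p.authorize("alice", "mill-07", "remote_access"),   # other tenant's machine
    ]
    p.offboard("alice")
    results.append(p.authorize("alice", "press-01", "remote_access"))
    return results, p.trail("press-01")

if __name__ == "__main__":
    print(demo())
```

Denied attempts are logged as well as granted ones, so the trail for a machine also shows failed access by a former employee or by a user of another tenant.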
Manufacturer-independent and intuitive
Scalability and open source: There is no reliable forecast of what technological innovations the market will produce in the next five to ten years. IoT platforms must therefore be able to smoothly integrate future technological developments. Open source-based platforms offer the necessary flexibility for these unpredictable future scenarios. Their open architecture and open source code make them adaptable and manufacturer-independent. They also offer the possibility of individual extensions.
Usability: Digital inventions and solutions that have been particularly successful in recent years are characterized by a high level of user-friendliness. Users in the B2C sector are used to solutions that are intuitive to use and expect the same in the B2B environment. This is why only an IoT platform that is intuitive to use will be accepted by employees. User-friendliness also prevents users from trying to circumvent the IoT platform by developing simpler solutions around it, which in turn undermine the holistic security concept. Integrating the corporate identity of the user company also increases acceptance.
The author: Raphael Vallazza, CEO of Endian









