March 14, 2018 | Grant Asplund
What role will data security play when you go to market… will it be your shield, or your sword?
Okay, so you’re building a new thing… when will it secure the data it creates?
The first question has to do with your strategy as you prepare to go to market. The second question is specific and, depending on how you answer it, will tell you what that strategy is.
If you are depending on ‘the network’ to secure your data using the multiple implementations of open-source/proprietary transport encryption operating on virtually all of the RF-based networks and the internet, I would suggest your data security strategy is one of a defensive posture and not an offensive one. Data security is a shield for you and your product. It’s not a sword. This is because you choose to place trust in transport-only data protection and, at each and every termination/network/protocol change, your data is exposed. You certainly can’t boast you’re doing anything differently or offensively approaching the issue.
Consider the journey of your data when it traverses from the M3/M4 based sensor via BLE to some mid-point and then via WiFi to some egress point and into the cloud, let’s say Microsoft Azure.
In the journey described above, the data is created and then transmitted using the transport encryption in BLE. Once it reaches the mid-point device, the encrypted transmission must be terminated and then re-established, now over WiFi. The data will, at some point, leave the WiFi and be routed into the cloud and, once it reaches its destination (in this example, Azure), the encrypted tunnel will be terminated again and your data will be in the clear.
In this example, I might even argue the actual data is really never secured unless it’s being moved.
Now, just imagine all of the developers who left it up to BLE (4.1) to properly implement the security and encryption and long-term keys. Or all of those who felt the sting and consequences of the WiFi WEP vulnerability known as KRACK last November. What about once your traffic goes into the cloud?
So, how would the same example be different with your data security in the role of a sword? First, you recognize it is your data and the responsibility to secure and protect the data begins with you. Furthermore, by securing the data (compressing and encrypting) the instant it is created (within milliseconds) you’ve accomplished these key aspects of data security:
- First Mile Data Security – The instant the data is created it is immediately compressed and encrypted and only you have the keys to the data.
- Last Mile Data Security – The data remains fully compressed and encrypted until it reaches your application servers – zero exposure.
- Layered Security Strategy – By protecting the data the instant it is created you not only take ownership of securing and protecting the data, but you also create the first layer of a multi-layered security strategy, so when your WiFi encryption is KRACK’d again, your data won’t be!
We demonstrated our one-of-a-kind ‘first mile/last mile – and every mile in-between’ data security capability in the Arm booth at Embedded World in Nuremberg, Germany, February 27 through March 1. We used a Nuvoton M2351 Arm Cortex v8M based weather station connected to Microsoft Azure. Immediately following the sensing and creating of the weather data, CENTRI Edge compressed and encrypted the data, guaranteeing it will never be exposed (in the clear) until it reaches its application server, in this example, inside Microsoft Azure cloud services.
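The first mile/last mile idea above, as an added sketch that is not CENTRI's code or product API: a reading is compressed and sealed on the sensor, passes through a mid-point where transport encryption ends, and opens only on the application server. It assumes AES-256-GCM from the Python `cryptography` package, zlib compression, and a per-device key provisioned out of band; all function names and sample values are hypothetical.

```python
import json
import os
import zlib

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumption: a per-device 256-bit key held by the sensor and the
# application server only; the BLE/WiFi mid-point never has it.
DEVICE_ID = b"sensor-01"  # constructed identifier, bound to the payload as AAD


def seal_reading(key: bytes, reading: dict) -> bytes:
    """Sensor: compress, then AEAD-encrypt, as soon as the data exists."""
    plaintext = zlib.compress(json.dumps(reading, sort_keys=True).encode())
    nonce = os.urandom(12)  # must never repeat under the same key
    return nonce + AESGCM(key).encrypt(nonce, plaintext, DEVICE_ID)


def gateway_forward(blob: bytes) -> bytes:
    """Mid-point: BLE link encryption has ended, WiFi has not begun.
    The payload is exposed here, but only as ciphertext with no key."""
    return bytes(blob)


def open_reading(key: bytes, blob: bytes) -> dict:
    """Application server: authenticate, decrypt, decompress."""
    nonce, ciphertext = blob[:12], blob[12:]
    plaintext = AESGCM(key).decrypt(nonce, ciphertext, DEVICE_ID)  # InvalidTag on tamper
    return json.loads(zlib.decompress(plaintext))


def tampered_is_rejected(key: bytes, blob: bytes) -> bool:
    """Flip one bit 'in transit' and confirm the server refuses the payload."""
    bad = bytearray(blob)
    bad[-1] ^= 0x01
    try:
        open_reading(key, bytes(bad))
    except InvalidTag:
        return True
    return False


if __name__ == "__main__":
    key = AESGCM.generate_key(bit_length=256)
    reading = {"temp_c": 21.4, "humidity_pct": 48}  # constructed sample
    at_gateway = gateway_forward(seal_reading(key, reading))
    print(b"temp_c" in at_gateway, open_reading(key, at_gateway),
          tampered_is_rejected(key, at_gateway))
```

Ciphertext length still tracks the compressed size of the reading, and the scheme depends entirely on key provisioning and nonce uniqueness, which this sketch assumes rather than solves.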
Go to market with a sword and advance your position by taking an offensive approach to data security. Don’t get owned. Own your own destiny and protect your own data the instant it’s created (okay, within milliseconds) and never leave it up to anyone else to care more about your data than you do.
Thanks for reading,
Grant Asplund is the Vice President of Sales and Business Development at CENTRI. Grant has over 30 years of experience in sales, marketing, business development and management in enterprise software. He enjoys sharing his thoughts on IoT security online and presenting at industry events. Connect with Grant on LinkedIn.