Whitepapers

Enterprise IoT Security Architecture and Policy Whitepaper

November 20, 2018

The hub-based approach provides a user-friendly centralised management solution

The IoT Security Foundation (IoTSF) has announced a new whitepaper that outlines the benefits that accrue by taking a hub-based approach to connecting IoT devices and systems in the enterprise. Entitled: IoT Security Architecture and Policy for the Enterprise – a Hub Based Approach the whitepaper proposes a hub-centric architecture approach that will accommodate contemporary and future possibilities.

“The hub is central to the reference architecture, aggregating information and communicating directly with other devices and network elements in the IoT environment,” says Richard Marshall, Plenary Chair IoTSF. “It can be visualised at the Edge of the network, providing a secure gateway for communication between networks.”

The hub architecture provides an extra layer of defence for the wider enterprise network and for those devices that may have minimal or no built-in security features. By aggregating information at a single point, all devices or groups of devices and other hubs, such as gateways deployed within the local IoT network, are managed centrally. This approach provides a robust and secure architecture beyond other options such a ‘tree’ or ‘hub-and-spoke’.

“It is important that enterprises are proactive in the way they build and manage their networks as IoT deployments increase. Good design anticipates the evolution of systems over time and extend beyond immediate requirements. Enterprises should therefore identify the primary IoT and security management needs for their organisation in advance of standard solutions becoming available,” continues Marshall.

By taking a layered approach to the security challenge and life cycle management tools in the enterprise IoT deployment, the hub architecture supports key principles of security assurance and good practice. These include network management, connecting devices securely, software maintenance and provision for end-of-life. As a result, it may also support a number of specific compliance requirements. For example, it may help mitigate risk associated with cyber security and data protection regulations, such as the recent European General Data Protection Regulation (GDPR) or support adoptions of the US Cybersecurity Information Sharing Act (CISA).

John Moor, Managing Director IoTSF adds: “This approach to enterprise IoT security is part of a series of hub-based architectures we are publishing that have been applied to a number of IoT contexts. Each illustrates the benefits that may accrue in the specific environment and all are considered to be a good approach to achieving common security goals of confidentiality, integrity and availability.” To download the whitepaper, please visit the IoTSF website at: https://www.iotsecurityfoundation.org/best-practice-guidelines

About the Internet of Things Security Foundation (IoTSF)

The mission of IoTSF is to help secure the Internet of Things, in order to aid its adoption and maximize its benefits. To do this IoTSF will promote knowledge and clear best practice in appropriate security to those who specify, make and use IoT products and systems.

IoTSF promotes the security values of a security-first approach, fitness for purpose and resilience through operating life. The security values are targeted at key stages of the IoT eco-system – those that build, buy and use products and services: Build Secure. Buy Secure. Be Secure.
IoTSF was formed as a response to existing and emerging threats in the Internet of Things applications.

IoTSF is an international, collaborative and vendor-neutral members’ initiative, driven by the IoT eco-system and inclusive of all parties including technology providers and service beneficiaries.

For more information, news and further announcements, please visit the official website at www.iotsecurityfoundation.org

Publisher's website.

SHARE:
Price: FREE

About the Provider

No data was found

TOPICS

Enterprise IoT, Management solution, security

PLEASE COMPLETE