infographic-website-header

A New Approach to IoT Security Evaluations

September 19, 2016

Security threats have the potential to undermine confidence in the IoT. As such, ensuring end-to-end security and data privacy for IoT solutions is increasingly an industry priority. The security challenges are threefold:

Organisational

Contrary to traditional IT services, successful deployment of IoT solutions requires the collaboration of a large ecosystem, from IoT device manufacturers to network operators to IoT developers and service providers. The lack of consistent terminologies in the IoT and IoT security industry in particular further complicates successful collaboration and deployment.

Commercial

A large number of IoT devices and services are at risk of never being launched to market, because security concerns and risks outweigh the benefits of investment – making security a serious deployment barrier.

Technical

Traditional internet security methods, while still applicable, don’t necessarily address new challenges that are unique to the IoT. These include service availability, secure identity, data privacy, and service integrity in devices that are low complexity and low cost, have constrained power supplies, very long lifecycles and are physically assessable to hackers.  The industry will also have to rise to the challenge of remotely monitoring and maintaining the security of billions of new devices throughout their entire lifecycles.

 

End-to-End Security

Many challenges of IoT security can be addressed with the expertise and assets of mobile network operators, such as the use of private APNs to isolate endpoint devices, communication monitoring to detect unusual traffic activity, and use of SIM cards to enable secure network authentication.

However, security at network level is not enough, for security can be compromised on multiple levels such as physically within endpoint devices, at the service layer, and within the service platform. As a result, IoT security is dependent on all players in the ecosystem, meaning that the end-to-end solution can only be as strong as the weakest link in the chain.

 

IoT Security Evaluations

Consequently, the IoT industry requires different best practices for security which build upon traditional IT security approaches, but focus on the new challenges ahead. The GSMA IoT Security Guidelines promote such best practice for the secure design, development and deployment of IoT services, covering the entire ecosystem while addressing security challenges unique to the IoT.

The complexity and diversity of the IoT ecosystem as well as the quick pace of technological development is creating obstacles for using traditional methods of security evaluation for IoT, such as using a lab based security certification. Traditional methods are often geared towards a single product and may not be applicable to the whole ecosystem. Instead, light-touch benchmarking tools and general approaches are better suited to accommodate the complexity of the IoT ecosystem which contains a diversity of stakeholders and components.

The GSMA IoT Security Self-Assessment covers security controls for the whole ecosystem and further enhances the alignment of all stakeholders by putting in place a concise framework with consistent terminology and a structured approach to IoT security information.

infographic-website-header

 

The scheme enables companies to discover if their security measures align with the best practice outlined in the GSMA IoT Security Guidelines. Companies can use the scheme to address weaknesses in their products and services, and demonstrate to their customers that they’ve taken Cybersecurity seriously.

Take Part Now

 

Back

The IoT Guide to MWC17 Mobile technology is playing an increasingly crucial role in the Internet of Things, helping to connect everything from sophisticated automobile equipment, to simpler, low power ...

Read more | See all Resources

Building Smart Cities – The Crucial Role of Mobile Operators This video explores the definition of a smart city, the value that mobile operators bring to smart cities, and advice to governments and city planners looking to deploy smart cit...

Read more | See all Resources

How Digital Health can Alleviate the Pressure on Healthcare Systems Digital health has the potential to overcome many of the issues that modern healthcare systems face. In this video, our Vertical Engagement Specialist for Health, Rob Childs, out...

Read more | See all Resources

MIoT Test Requirements The purpose of this document is for establishing test procedures for the verification of LTE CAT-M1, CAT-NB1 and EC-GSM-IoT devices ahead of the official introduction of test cas...

Read more | See all Resources

MIoT Test Cases This document provides the test cases that may be carried out for LPWA (Low Power Wide Area) Mobile IoT modules and devices that are to be deployed on early adopter networks prio...

Read more | See all Resources

Smart Cities at Mobile World Congress 2017 GSMA Connected Living Seminar   IoT Elements: Bringing the Smart City to Life Tuesday, 28 February 2017, 12:00 – 14:00 Discover how secure smart city solutions are being d...

Read more | See all Resources

IoT Safety Jacket in Action A short while ago, Korea Telecom demonstrated the power of the Mobile IoT, by unveiling it’s IoT Safety Jacket; a product equipped with sensors that detect movements of a...

Read more | See all Industry News

How Operators have made Strides in Improving IoT Frameworks Several key milestones were reached last year by those laying the groundwork for the Internet of Things (IoT).  Impressive progress has been made in preparing the architecture o...

Read more | See all Industry News

LPWA Market Forecast: Connections Will Grow by 3 Billion in Under Ten Years The number of low power wide area (LPWA) connections is set to grow to 3 billion in 2025, up from 59 million in 2016, according to Machina Research. The latest data from the rese...

Read more | See all Industry News

Mobile Technology: the Unlikely Solution to the World’s Water Crisis Stress on the world’s water supply is increasing. According to the 2015 WHO/UNICEF Joint Monitoring Report, a third the world’s population do not have access to adequate sani...

Read more | See all Industry News

Telekom Austria Group is the first network operator in Austria to test NB-IoT in Milestone in the history of mobile communications in Austria: NB-IoT modem delivers measurement data to server in real time NB-IoT as the dedicated mobile communications network ...

Read more | See all Industry News

ESMIG, GSMA AND SIMALLIANCE Call on Utilities sector to Adopt GSMA Embedded SIM The GSMA with partners, ESMIG and SIMAlliance have published a new report written by analyst house, Beecham Research that highlights the importance of the GSMA Embedded SIM Speci...

Read more | See all Industry News

Webinar: Unlocking the Value of IoT Through Big Data February 01, 2017 The Internet of Things is generating a huge amount of data that is currently retained in vertical silos. However, a true IoT is dependent on the availability and conflu...

Read more | See all Connected Living Events

Connected Living at TEISS 2017 February 21, 2017 The European Information Security Summit 2017 (TEISS) is one of the largest and most comprehensive cyber security summits in Europe, featuring conferences on culture an...

Read more | See all Connected Living Events

Mobile World Congress 2017 February 26, 2017 Mobile. The Essential Element of IoT The Internet of Things will connect a new generation of smart devices, enabling big data and providing invaluable business opportun...

Read more | See all Connected Living Events

GSMA Global Mobile IoT Summit February 26, 2017 Mobile IoT (licensed spectrum low power wide area) networks will play an important role in connecting up the billions of new devices making up the IoT. Low Power Wide A...

Read more | See all Connected Living Events

IoT Elements: Bringing the Smart City to Life February 28, 2017 With 27 billion devices connected globally by 2025, the evolution of smart cities will change our everyday lives, from improving traffic flow to managing pollution and ...

Read more | See all Connected Living Events

Mobile IoT (LPWA) – Open for Business March 01, 2017 Low Power Wide Area (LPWA) is an emerging part of the IoT and represents a huge market opportunity as the IoT scales. Analyst firm Strategy Analytics anticipate there w...

Read more | See all Connected Living Events

Contact GSMA Legal Email Preference Centre Copyright © 2017 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.