IoT security

Time to get tough in the IoT

IoT security

By 2025, we’re going to have more than 25 billion connected devices in the world. It’s a vast opportunity but it also brings vast risk. How do you keep billions of devices secure? How about the networks they run on? How do you make sure the data from all those devices isn’t compromised?

IoT security cannot be an afterthought or an add-on. Security must be built in from the beginning.

When it comes to IoT, security requirements are unique. Connecting devices is different from connecting individual people and personal computers. To verify its identity, an IoT device can’t simply enter a password as a person would. Similarly, the systems that run our PCs are regularly updated, but IoT has to work all time.

A reliable infrastructure is a must, and this is especially true for mission-critical applications. 3GPP technologies provide this reliability. The IoT expands rapidly, and security must be end-to-end.

Factors impacting IoT security

  • Data based decisions need reliable data. Vital decisions related to business, safety and health are increasingly based on data. To make the right decisions, data must be accurate and secure.
  • Different devices require different solutions. Devices come in different in shapes and forms. Some devices are capability constrained with very limited capabilities and for such devices traditional security methods are not possible to use.
  • End-to-end ecosystems security. In IoT, success depends on collaborative ecosystems of device manufacturers network providers, platform providers, app developers and end-users. Ensuring end-to-end security of the ecosystem is crucial.

Building trust in IoT

Trusted identities

As the number of connected devices grow, identifying each device becomes increasingly important, and complex. Device identification is done on the connectivity or application level. SIM, and the evolution to embedded SIM's (eSIMs), provide good protection of the device connectivity identity. For device identification on application level, certificates are commonly used. Identity and Access Management (IAM) systems verify the identity of a device and what data it has access to. 

Learn more

Trusted data

In an IoT where many decisions are data-driven, it is crucial to ensure that each device is behaving as it should, and its data has not been manipulated. Breaches need to be detected as quickly as possible to limit possible damage. Data needs to be protected in transit, and 3GPP networks support security controls to preserve data integrity, confidentiality and availability to guarantee the security and privacy of the information.

Trusted connectivity

Network availability and reliability are important security objectives for IoT systems. With ICT infrastructure under constant attack, traffic separation and protection technologies reduce the risk of costly downtime and denial-of-service (DoS). Traffic separation methods, including the 5G network slicing concept, will provide isolation of network, application and security functions, allowing service providers to offer different security levels for different network slices. Transport Layer Security (TLS) and Internet Protocol Security (IPSec) encrypt data to ensure traffic protection.

Learn more

Privacy and confidentiality

Respecting the right to personal data protection is increasingly difficult, as personal information can be drawn from analyzing IoT device data. The pressure to protect and anonymize data increases with the enactment of Europe's GDPR. Non-compliance could have serious consequences for the bottom line of any company operating in the EU.

Security management for IoT

IoT security management must be approached in new ways, moving from reactive and manual to proactive and automated. The sheer volume of devices that will get connected calls for security automation, and enhanced security analytics capabilities.

Learn more
People looking att NOC screen

Device security

Robot arm and drone

To enable a trusted end-to-end IoT service, all devices that get connected must be secured. They should follow standards from regulatory bodies such as GSMA, CTIA and national regulation, as well as any relevant industry standard.

Ericsson offers comprehensive testing to help safeguard IoT devices from growing cybersecurity threats.

Read more about device security certification

The latest highlights from IoT Security

Securing your Industrial IoT ecosystem against cyber threats

With Industry 4.0 come inherent security risks. How will you safeguard your devices, data and systems from potential threats as Industry 4.0 takes hold? Security is the question on the minds of many as industries move forward with digitalization to create value and boost economic gain.

Three ways to boost IoT security

Read our blog post to learn more about boosting IoT security. How do you keep billions of devices secure? There is no single answer to that, but this blog post looks at three ways in which to increase IoT security and make it safe for business.

Top IoT security concerns and ways to address them

Securing your home, workplace, or country is a complicated business. The larger the area that you need to protect, the more exposed it is to security breaches. IoT security can be tricky. After all, the greater the number of connected devices the greater the risk of exposure to advanced and persistent threats (APT).

End-to-end Security Management

Industries everywhere are digitizing, which is creating a multitude of new security requirements for the Internet of Things (IoT). End-to-end (E2E) security management will be essential to ensuring security and privacy in the IoT, while simultaneously building strong identities and maintaining trust.

Ready to learn more about IoT Security?