IoT Blog | August, 2017
Head of Business Development, Vodafone IoT
Shining a light on IoT security
Your Internet of Things (IoT) devices might be buried under city streets or out in the wilderness, far from the apparent safety of the office or data centre, with its locked doors and CCTV cameras. But our monitoring services can help identify the signs of an attack and check the status of your IoT devices, no matter where they are.
Cars and chiller cabinets. Smart meters and shipping containers. Defibrillators and diabetes monitors. Over 50 million IoT devices of all shapes and sizes are connected to the Vodafone network — along with the smartphones, tablets and PCs of more than 500 million people.
These devices generate staggering volumes of network traffic. We monitor it for suspicious events that could indicate a security attack in progress, as well as failures and other problems that might affect service. And we do this from our world-class Global Security Operations Centre, otherwise known as GSOC or just “the SOC”. With walls of screens and complex readouts, it looks a bit like a NASA mission control.
From the SOC, our analysts continuously monitor traffic and watch for emerging attack patterns across our network. They’re highly trained experts and they collaborate daily with other incident response teams around the world. But at this kind of scale, where many security events are detected every month, it would be impossible for even the brightest minds to keep up without some serious automation. That’s why we use the latest security incident and event management (SIEM) technologies and alerts from our firewalls, intrusion detection systems and analytics tools. They help us to focus on the most important threats in real time and take appropriate action to protect customer data.
The inner workings of our SOC are a closely guarded secret, but that doesn’t mean our customers are kept in the dark about what’s going on with their IoT devices. We think it’s important that IT operations and security teams have continuous visibility and the ability to respond immediately to an issue, without having to pick up the phone to us.
Vodafone IoT customers have secure access to a powerful web-based tool called the Managed IoT Connectivity Platform. It’s a one-stop-shop for seeing the operational status of each connected device. This applies no matter how many SIMs you have.
Security is built in from the ground up, with unique security keys. You can opt for a dedicated private access point (APN), preventing unauthorised access from devices that don’t have SIMs assigned to your organisation. And all data is encrypted in line with regional regulations.
Administrators can configure sophisticated business rules to raise the alarm as soon as a device starts behaving abnormally — for instance, if it starts using much more data than normal. Access to the portal is protected by two-factor authentication. From here, authorised users can lock down any device with the click of a button, or even set the portal to automatically disable any potentially compromised device.
In today’s world, cybersecurity attacks are a fact of life. No matter what defences you put in place to protect your devices and networks, there’s always a chance of a determined hacker getting lucky. That’s why we believe monitoring is so important.
What can you do?
To find out more about our work in monitoring and securing the IoT, take a look at our new IoT Security White Paper