The global market for the Internet of Things (IoT) is growing rapidly, with new devices connecting to the Internet every day in virtually every industry and geographic area. IoT devices can be monitored and managed from a smartphone or computer, thereby promising increases in convenience. Unfortunately, this added convenience often comes at the cost of security.
IoT devices are notoriously insecure, and there are several high-profile cases of IoT devices being hacked on a very large scale or used to create massive botnets simply through the exploitation of basic security flaws. As enterprises grow their IoT initiatives, the need to properly secure these devices will grow exponentially.
The core functionality of many IoT devices requires constant monitoring of its environment with a camera or microphone. IoT devices may be secured via hardware or software solutions. Each option has both advantages and disadvantages.
Software-based IT security for IoT
Software security solutions are generally designed to run on any type of hardware, and as a result they can be more consistent and cost-effective to implement compared to hardware-based solutions.
Software can be duplicated and updated easily an inexpensively. Setting up or deploying updates for a software-based solution company-wide is generally more affordable than purchasing and installing individual hardware solutions for each IoT device.
Read the Complete IoT Security Guide
Everything you need to know about securing your IoT or IIoT deployment.
A wide range of software-based security solutions are available in the marketplace, and many of them can run on a wide variety of devices and operating systems. As a result, an organization may be able to invest in a single security solution and deploy it across its entire network.
This consistency can simplify operations and reduce IT security support costs. However, software solutions do not have a dedicated processor and therefore place a load on the host processor which impacts overall system performance. In addition, software is generally easier to hack than proprietary hardware, especially embedded algorithms.
Hardware-based IT security for IoT
With hardware-based security, a physical appliance is used to secure the IoT device. Hardware-based security solutions often demonstrate improvements in efficiency and effectiveness as compared to software-based solutions.
With software-based security solutions, code must be run on the processor of the device being protected. If the IoT processor is not sufficiently robust to execute these particular operations, security may come at the price of reduced performance.
Meanwhile, hardware-based security solutions run on a chip specifically designed and optimized to perform its particular duties. For example, hardware-based security solutions often have hardware-optimized encryption and decryption routines, which can provide much better performance than anything currently available on a general processor.
Hardware-based security is also often more effective than software-based solutions. Security software generally has little or no visibility into the operations of the IoT device, and this can be dangerous.
As demonstrated by attacks like Rowhammer, Meltdown and Spectre, attacks performed at the hardware level can be invisible to and capable of evading software-based security solutions. Likewise, supply chain attacks in which malicious hardware is embedded into an IoT device, can remain invisible to software-based security solutions.
Sensitive information such as keys or random number generators can be hard-coded into the hardware which makes them more difficult to discover.
Hardware can be more challenging to compromise in situations where equipment is physically accessible. In addition, hardware-based security solutions operate at the bottom level of the device’s operations stack, making it more effective than software-based security.
Read the Case Study: Securing IoT Surveillance Cameras
A Fortune-100 enterprise with thousands of retail locations found themselves with security cameras with a weak security posture.
Finding the optimal security solution for your IoT needs
The decision between hardware-based security and software-based security for IoT really boils down to effectiveness. Software-based security solutions generally have lower upfront costs.
Unfortunately, although software-based solutions are less expensive to implement and update, they are also more vulnerable to attacks. Hardware-based solutions may be more expensive and time-consuming to implement, but in the long-run, this type of solution is better positioned to protect sensitive communications and data from exposure.
Attila’s GoSilent is an affordable off-the-shelf hardware IT security solution that connects to any IP-enabled device and does not require a team of specialists to set-up and configure.