How can we better establish trust with IoT devices and thus ensure the security of our network?


There is a drastic increase in the adoption of the Internet of Things (IoT) technologies. Unfortunately, there is a fundamental problem with IoT devices; specifically, in ensuring whether they are trustworthy.

In traditional Information Technology (IT) systems, we can establish trust through several methods:

  • Joining IoT systems to a domain,
  • Enforcing common security policies across many systems, and
  • Deploying security software on the IT systems to protect them from threats.

With IoT devices, this is usually not possible mainly because of how these devices are engineered. The techniques that have been used so far to protect IoT devices involve deploying Intrusion Prevention System (IPS) on the boundary of a network to protect those IoT devices. We are looking for a solution that provides Cyber Defence teams with the ability to protect IoT devices that move outside of the defined network perimeter. Furthermore, this solution must determine if an IoT device is trustworthy when first deployed on a network or if the previously determined trustworthiness of the device has somewhat changed.

Finding a way to address this problem is more critical than ever as the rapid adoption of IoT systems coupled with the roll-out of 5G communications will most probably result in an exponential increase in IoT systems.