Witekio VP of Engineering Marc Balme joined other IoT experts at SIDO Lyon on a panel dedicated to all things security, from edge to cloud.
Speakers – Device Security: From the Edge to the Cloud
Marc took the stage alongside Cybersecurity Business School founder Guillaume Collard, Sierra Wireless Marketing Director for Mobile IoT Solutions Benoit Tournier, and Anima Conseil consultant Steven Dolbeau in the panel titled Device Security: From the Edge to the Cloud. Over the course of 45 minutes, Marc and his co-panelists explored all aspects of connected device security taking in everything from hardware to software, data processing to architecture, and security strategy for businesses deploying their IoT solutions at scale.
Processing and protecting data on IoT networks
With SIDO Lyon being one of the premier IoT, AI, robotics, and XR events in Europe, it was not a surprise that the panelists explored the implications of the European Union’s GDPR regulations on processing and protecting data on IoT networks. Whether managed on the edge or transferred to cloud servers for processing, securing personally identifying data is essential for connected device vendors. Whether that data is of low value on the edge (for example, temperature readings and timestamps on a single IoT device) or high value in the cloud (for example, analytics and unique IP) the importance of protecting that data from malicious actors was a key consideration for Marc and his co-panelists.
Data stored and processed on IoT devices is not always low value
Marc offered the example of healthcare and MedTech devices that store and process highly personal and highly valuable data both on the device itself (the edge) and in the cloud. In such cases, the hardware security of individual devices can be as important as securing connectivity vectors cloud servers.
What is the best practice for IoT device security?
Marc and his co-panelists were pushed to define how to do security right – essentially, were there any guiding principles that could be applied no matter the device and no matter the use case?
The panelists concurred that best practice device security starts with outlining the needs of all stakeholders – designers, data processors, end-users, and more – and ensuring that all those needs will be met. Marc encouraged the adoption of security by design principles, too, a rejection of the all-too-common ‘security as an afterthought’ that all-too-often leads to security challenges and compromised devices.
Most important of all, though, is having a clear vision of security from edge to cloud. It is important, the panel concluded, to understand that security is not a point in time but a practice. Device security is a long-haul commitment to users and investing in security is a key means to building a product’s reputation for quality as well as the brand equity of the vendor.