Gemalto Safenet Solution for IOT Security
 

Smart Grid & AMI Security Solutions

At a time where energy utilities play an increasingly important part of our everyday lives, smart grid technologies, including those leveraging the Internet of Things (IoT), introduce new smart grid security challenges that must be addressed.

Implementing a smart grid without proper advanced metering infrastructure (AMI) security could result in grid instability, loss of private information, utility fraud, and unauthorized access to energy consumption data. Without the proper security, the benefits of IoT-based energy such as trusted by-directional communication between applications and devices, as well as secure collection of information for accurate big data analytics, would not be realized. Effective security arms manufacturers, consumers and utility providers with the confidence to leverage the power of the IoT.

Building a trusted secure smart grid will require robust smart grid security solutions that can be easily deployed at the communication and application layers of the smart grid infrastructure.

Areas where smart grid protection is critical include:

• Device manufacturing
• Secure communications
• Internet of Things (IoT) devices and applications
• In-field firmware updates and provisioning
• Device authentication
• Secure meter management
• Protection of the integrity and privacy of data

The Importance of Smart Grid Security with PKI and HSMs

Smart grid security solutions must be able to deploy on a large scale, with minimal effect on applications. Securing the smart grid at the communication layer will require a system to identify connected meters, to verify that these meters are configured correctly, and to validate these meters for network access.

The recommended solution for this authentication process is an identity based model, often a Public Key Infrastructure (PKI). PKIs are ideal for large-scale AMI security deployments that require a high level of security with minimal impact on performance.

In a PKI environment, it is essential that private keys and certificates are guarded with a reliable key management solution that protects against ever-evolving data threats, such as hardware security modules (HSMs).

Applications Leveraging HSMs for Trusted Smart Grid Security:

• Device Identities
• Device Provisioning
• Secure Message Processing
• Device Authentication
• Infrastructure Integrity with PKI Services
• Secure Management

Bringing Trust to the Connected Car

While connected cars offer huge opportunities for drivers and associated businesses, the full measure of these gains won’t be realized without effective security.

Benefits of Connected Cars

The Internet of Things (IoT) paradigm has been having a profound impact on the automotive industry and the long-term prospects. As the power of the IoT comes to automotive vehicles, it presents opportunities for consumers, manufacturers, and service providers in a range of areas including: unprecedented data collection; convenient communication; geography-based services; tailored insurance incentives; intelligent diagnostics; and assisted driving.

Secure, Trusted Identities

While all of these opportunities are significant in one way or another, they are only as strong as their weakest link when it comes to security. As the connected car’s intelligence, services, and ecosystem expands, so do the potential risks and exposures. It is critical to have strong assurances about the legitimacy of the various elements that need to communicate with each other. If an unknown device can gain access to data or services, or a compromised device can impersonate a trusted device, the efficacy of any defenses in place starts to collapse. Consequently, it’s a critical requirement to establish fool-proof identities of each of the elements within the connected car ecosystem.

Organizations need to employ robust, hardened security mechanisms for the IoT. To establish the control and visibility required, your organization needs to institute secure identities, strong authentication, strong encryption, and robust key management.

Tips to Building a Trusted Foundation for IoT Connected Cars:

• Trusted Identities - leverage digital certificates to establish trusted identities of connected cars, providing reliable identification with the original manufacturer or service provider
• Secure Communication Between Devices - both with one another and with the master of devices
• Authentication - issue certificates at the time of manufacturing, which can then be used to facilitate strong authentication when deployed
• Data Integrity - securely generate and store critical cryptographic keys in hardware security modules (HSMs) to prevent unauthorized access, theft, and tampering
• Code Signing - create and establish trust and address potential IoT vulnerabilities
• High Availability and Disaster Recovery – ensure easy recovery from failures, and minimize downtime from any single platform so it won’t lead to a catastrophic loss of keys
• Monitoring and Management – rely on strong authentication to make sure that only authorized drivers and service personnel can access sensitive systems

IoT Secure Manufacturing

There is a recent push to implement an Internet of Things (IoT) infrastructure into manufacturing environments in order to protect intellectual property (IP), reduce manufacturing costs, improve supply chain efficiencies, and proficiently manage device lifecycles. But studies reveal that in past IoT implementations the secure component was often an afterthought, posing risks to manufacturers’ proprietary software and IP. Additionally, manufacturers were also missing out on the secure collection of invaluable data from potentially thousands of endpoints that could be analysed to lower costs, improve productivity, and basically work smarter.

Hardware Security Modules (HSMs)

SafeNet Luna Hardware Security Modules (HSMs) secure encryption keys in a FIPS 140-validated root of trust so that manufacturers can securely benefit from IoT and big data analytics. In addition, SafeNet Luna HSMs offer high availability, load balancing, and ECC key limit size constraints for smaller crypto footprints, to ensure production uptimes and efficient performance rates that will not bog down systems.

Gemalto can help

Guard yourself against forgery, protect yourself against lost revenue, and become more vigilant in your secure manufacturing environment, including system risks that accompany the IoT.

IoT Security Threats Include

• Issuance of identities
• Privacy of IoT data
• Secure code signing
• Insecure communication between devices and the backend
• Breach of data resulting in incorrect data analysis
• Authentication of software updates
• Control of manufacturing licenses
• Authentication of manufactured components once deployed
• Enforcement of policy and procedures

Healthcare Data Security Solutions

From medical records to insurance forms to prescription services, the healthcare business is a networked environment – allowing patient information to be shared and managed by a variety of parties and from a number of endpoints, each with their own level of security for protecting that information.

Networking is magnified tenfold by the introduction of the Internet of Things (IoT) to Healthcare, as the number of connected devices and the tremendous amount of data they collect increases substantially. Numerous IoT applications in healthcare, from remote monitoring to smart sensors and medical device integration, have the potential to not only keep patients safe and healthy, but to improve how physicians deliver care as well. But there is the question of how to keep all of that data secure, especially if it is being exchanged with other devices.

Maintaining the security of patient data is a complex proposition that affects:

• Every employee of a healthcare facility
• Every area of its IT system
• Every participant in the healthcare IoT ecosystem
• All vendors, partners, and insurers that work with the healthcare provider

It's no surprise cyber criminals see medical data as particularly valuable as it enables them to illegally obtain medical goods and services or sell the sensitive information. As is the case with the IoT, major security flaws can pose serious threats to the health and safety of patients. For example, criminals can remotely manipulate devices, including those that controlled dosage levels for drug infusion pumps and connected defibrillators.

As a result, it is crucial that organizations implement healthcare data security solutions that will improve patient care while protecting important assets and satisfying healthcare compliance mandates.

SafeNet Healthcare Data Security Benefits

• Comply with applicable regulations and standards, including:
  • HIPAA
  • HITECH
  • EPCS
  • PCI-DSS
  • State Data Breach Laws
  • EU's General Data Protection Regulation (GDPR)
  • Many more
• Protect the integrity of your medical applications
• Optimize workflows, allow doctors to receive real-time patient updates anywhere, and improve doctor/patient care with a secure IoT infrastructure
• Secure patient records and information, claim activity, and other medical transactions to ensure high efficiency, and security
• Identify and control the employees, customers, suppliers, patients, and partners accessing your applications and system
• Reduce implementation time and cost to ensure deadlines are met and fines avoided
• Eliminate the need for investing in disparate systems from different vendors
• Secure the exchange of records and information, claim activity, and other transactions amongst healthcare providers and insurers

Our Healthcare Data Security Solutions:

Multi-Factor Authentication

Control access to a range of medical systems, and become compliant with the DEA’s EPCS and other regulations. Our authentication solutions can be used not only to re-authenticate to EHR systems when issuing eRx’s for controlled substances, but also to secure remote access to EHRs for practitioners working off premises.

Hardware Security Modules (HSMs)

SafeNet Luna HSMs, combined with IAM solutions, provide high assurance protection of identities used to grant physical and logical access to users. HSMs also help protect transactions and applications, ensure data integrity, secure the IoT, and maintain an audit trail.

Data Encryption and Key Management

Data encryption and key management solutions protect and maintain ownership of data throughout its lifecycle — from the data center to the endpoint (including mobile devices used by physicians, clinicians, and administrators) and into the cloud.

High Speed Network Encryption

High-performance data in motion encryption solutions persistently protect information, ensure control beyond location or boundary, streamline operations, facilitate disaster recovery, and reduce compliance costs.