Maintain your brand - make your IoT product secure
All too often security does not get sufficient attention or is not prioritised at a sufficiently early stage in the development of IoT products. If you want to maintain the quality of your brand it is important that quality also involves digital security.
When products become connected the security landscape for the product changes drastically. For non-connected products, functional safety, wireless regulations, electromagnetic immunity and thermo-mechanical reliability is essential. This is also the case for connected products. However, risks from cybersecurity threats must be dealt with, both in relation to security and privacy breaches. IoT security is a new requirement outside both traditional IT security and product safety - and yet it should be embedded in both. IoT security needs attention already in the design phase.
Security for your product and ecosystem
The connectedness of your IoT products makes it important to consider the security of the complete system your product is deployed in. Your IoT product relies on the back-end system, which can also be important for the security of the product and the data in the system. We can help you with both the security of your physical product but also take a holistic view of both back-end and other systems or subsystems your product will interact with in our analyses.
The connectedness of your IoT products makes it important to consider the security of the complete system your product is deployed in. Your IoT product relies on the back-end system, which can also be important for the security of the product and the data in the system. We can help you with both the security of your physical product but also take a holistic view of both back-end and other systems or subsystems your product will interact with in our analyses.
We provide three services:
Base the security of your product on the potential impact on your business, by basing it on a risk analysis. This will take your business, threats to the security of the product and potential weaknesses of the product into account. To make sure you get sufficient security and the best value for money regarding security when designing, implementing and having IoT products in operation, this takes your business as underlying bases for looking at the security. We base our analysis on various international methodologies, e.g., OCTAVE Allegro, UL2900-1, SIL analysis, and functional safety. The essential part of the risk analysis is also to allow for a cybersecurity level which is possible from a market perspective. The doorbell in an ordinary household does not need the same level of cybersecurity as bank locks, or the machine monitoring for a power plant.
Security incorporated in the product is much better than trying to secure an insecure design. We can help you in the idea phase when you start the design of your product. Already in this phase, starting a risk analysis adds value because it makes it clear where and why to focus on security, and how to get a secure quality product.
The Nordic IoT Centre also offers reviews and testing to assess the security of your IoT solution. Here, we can perform tests based on standards such as UL 2900-1 that specifically target the cybersecurity of the product. The essential part is to make it transparent what requirements the product is tested against. Lastly, by combining the reviews with audits of the company’s processes it is verified that the software in the IoT product is managed to be secure, also years after deployment.
Standardisation and methodologies
The IoT world is new, and there is currently a lack of both methodologies and standardisation targeting IoT Security. We participate in both standardisation work and in the development of new methodologies focusing on IoT security. This standardisation is focused through our collaboration with the Danish Standards, the Alliance of Internet-of-Things Initiatives (AIOTI), CENELEC, and many more.
This is for you who need
Your IoT device to be secure
To have control of your brand name
To consider cybersecurity early in the design phase
A secure design
Want to know how to get started with Internet of Things?
Call us or send an email today. We are ready to help you release the value of IoT.
Alexandre Alapetite
Principal Software Solutions Architect
Alexandra Institute
Camilla Føns Mortensen
IoT Community Lead
FORCE Technology
Cases
ERNIT
ERNIT has developed a virtual piggy bank to help children understand the concept of saving up for the things they wish for. To show the world that their IoT product is safe to use, ERNIT has had a third-party security screening conducted at the Nordic IoT Centre. It is important that this approval is in place both in relation to the customers, who are the banks, as well as when ERNIT conducts business with the export markets.
