Looking Ahead: New Tech Brings a New Set of Barriers to Consider
17 November 2020 – Increased investment in IoT is paving the way for a new phase of fully digitalized supply chain management. The trend was largely influenced by the pandemic-related workforce layoffs and mandatory state lockdowns. Smart logistic solutions are economically resilient and effective. They not only offer an entirely new level of flexibility and efficiency, but require less human capital to supervise and maintain operations.
Although with a lot of potential use cases, Vincentas Grinius, CEO at IPXO (right), notes a few vulnerabilities concerning the technology, which should be addressed before upgrading to IoT-driven supply chain management – to avoid leaving any open doors for external threats.
External Security Gaps
Each IoT device needs an IP address to access the organization’s network, for instance, to send or receive relevant information concerning in-stock, machine operability, and other crucial information. However, IoTs are usually set up on public IP addresses, and are therefore visible to all Internet users. This could lead to a serious external data breach, which in turn, may potentially take down an entire supply chain structure.
“Each IP address needs to be validated by an encrypted certificate, either LOA or ROA. The difference between them is that the latter is digital, hence, more secure and tamper-proof,” explains Grinius. “However, the majority of IPs in the industry are still under LOA certificate, thus for IoTs operating on LOA-verified IP addresses, the risk of breach becomes significantly higher.”
“ROA is crucial in terms of preventing IP hijacking and securing network integrity,” he continues, “and should become common practice, as it could better protect the entire infrastructure.”
Robust Network Perimeter
Controlling a large number of IoT devices requires setting up a robust network perimeter. As malware is becoming more and more technologically sophisticated, Mr Grinius emphasizes the importance of regular security protocol updates. Timely upgrades are key to detecting any new red-flags.
“The IoT industry is still evolving, therefore we may not even be aware of some of the associated threats. Building a robust network perimeter, as well as making sure all of the security policies are up-to-date remains vital to prevent outside attacks,” explains V. Grinius.
Tracking IoT-related traffic may be the difference between catching a threat just-in-time or a little too late. Being able to distinguish any abnormalities is relevant to long-term security, as previously deemed suspicious traffic would be red flagged on the spot.
“Sometimes real-time data is not enough. Analysing historic data enables to dive deep into network forensics and make deductions if an intruder has been trying to knock-down your defences and reiterate accordingly. Isolating patterns, previously identified as malicious, allows to not fall victim to recurring threats, and keep a watchful eye on any new malware that might be emerging.”
IoT offers a great deal of manufacturing flexibility, and, if all security shortcomings are timely addressed, will bring supply chain management up to an entirely new level of efficiency, helping businesses recover and thrive in the post-pandemic economy.