Iot Security at Scale with Atsign
IoT devices proliferate at such a rate that you will quickly have more devices connected to your network than people. Maybe you already do, and understand how this can be a huge management nightmare, especially when it comes to security. Additionally, so much time is spent by system administrators to deploy and manage them that it can really slow things down. Adding potentially billions of devices each with their own attack surface makes the security challenge all the more daunting.
According to IoT Business News, “98% of all IoT traffic is unencrypted, exposing personal and confidential information.” What if that number were 0%?
This is fascinating to us. Securing the data is generally the last thing people consider in IoT security, but increasingly frequently that data (and 100% of consumers’ data) falls under existing legislation such as GDPR and CCPA, and all the additional privacy legislation that is about to be passed by different countries and states.
Today, security experts recommend setting up firewalls, VPNs and static IP addresses, or even segmenting networks (No, thanks!). At scale, setting up and maintaining devices and security rules becomes cost-prohibitive, not to mention the frequency of updates needed to properly secure and patch the devices as they remain vulnerable.
Securing the Pipes and the Data
Atsign has created an alternative architecture, one more lightweight and more scalable.
The atPlatform and underlying atProtocol utilize outbound connections to authenticate data transfer between known parties; even if it were to miraculously be intercepted, the data itself is encrypted inside the TLS pipe, so bad actors can never access the information. In turn, this means that firewalls, VPNs and static IP addresses are no longer needed in order to protect the device or its traffic from attack.
The atProtocol allows devices to communicate with no open ports and no need for static IP addresses. Having such reduced attack surfaces when scaling IoT deployment is a game-changer. Not to mention, applications built on the atPlatform are compliant with privacy laws from the get-go, eliminating another massive legal and logistical headache.
In our zero trust environment, every person and every thing is addressable with an atSign, a new identity secured by keys that are created and remain resident on the device it is activated on. For a more comprehensive breakdown of atSigns, check out, “Addressable on the Internet without DNS | IP addresses,” written by Colin, our Co-founder and CTO.
atSigns exchange data by only sending outbound connections to what is known as a microservice, or, “secondary.” Since we are open source, clients have the option to host their own secondaries, or can choose to have Atsign host them. Either way, data management becomes simpler and more secure as all connections are end-to end encrypted. It is not just a matter of securing the network, but also the data.
Come Talk to Us
To learn more about how you can scale your IoT simply and securely, drop us a line, we’re happy to chat about our open-source tech!
Set up a demo or chat with our team: firstname.lastname@example.org
Photo by Zach Vessels on Unsplash
What is a SAFE Round Investment?
Atsign is offering an opportunity to invest in a SAFE round in their Equity Crowdfunding Campaign. Find out what a SAFE round really means, and how it can benefit you as the IoT market continues to grow exponentially.
Atsign Equity Crowdfunding Kickoff
Join us in our equity crowdfunding campaign as we continue to flip the Internet! Invest in a sustainable company focused on data privacy & security.
Complete Device Lockdown
Complete device lockdown is the future with Ssh! No ports, a tool that allows people to SSH into a device without having any ports open.
AirDrop Alternative: atmospherePro
Looking for a file-sharing alternative to AirDrop? atmospherePro is the best way to go. Share files across different types of devices and operating systems.
Atsign Honored as 2022 IoT Security Champion of the Year
Atsign honored as 2022 IoT Security Champion by the IoT Security Foundation.