Iot Security at Scale with Atsign

IoT devices proliferate at such a rate that you will quickly have more devices connected to your network than people. Maybe you already do, and understand how this can be a huge management nightmare, especially when it comes to security. Additionally, so much time is spent by system administrators to deploy and manage them that it can really slow things down. Adding potentially billions of devices each with their own attack surface makes the security challenge all the more daunting. 

According to IoT Business News, “98% of all IoT traffic is unencrypted, exposing personal and confidential information.” What if that number were 0%? 

This is fascinating to us. Securing the data is generally the last thing people consider in IoT security, but increasingly frequently that data (and 100% of consumers’ data) falls under existing legislation such as GDPR and CCPA, and all the additional privacy legislation that is about to be passed by different countries and states.

Today, security experts recommend setting up firewalls, VPNs and static IP addresses, or even segmenting networks (No, thanks!). At scale, setting up and maintaining devices and security rules becomes cost-prohibitive, not to mention the frequency of updates needed to properly secure and patch the devices as they remain vulnerable. 

Securing the Pipes and the Data

Atsign has created an alternative architecture, one more lightweight and more scalable.

The atPlatform and underlying atProtocol utilize outbound connections to authenticate data transfer between known parties; even if it were to miraculously be intercepted, the data itself is encrypted inside the TLS pipe, so bad actors can never access the information. In turn, this means that firewalls, VPNs and static IP addresses are no longer needed in order to protect the device or its traffic from attack.

The atProtocol allows devices to communicate with no open ports and no need for static IP addresses. Having such reduced attack surfaces when scaling IoT deployment is a game-changer. Not to mention, applications built on the atPlatform are compliant with privacy laws from the get-go, eliminating another massive legal and logistical headache.

In our zero trust environment, every person and every thing is addressable with an atSign, a new identity secured by  keys that are created and remain resident on the device it is activated on. For a more comprehensive breakdown of atSigns, check out, “Addressable on the Internet without DNS | IP addresses,” written by Colin, our Co-founder and CTO. 

atSigns exchange data by only sending outbound connections to what is known as a microservice, or, “secondary.” Since we are open source, clients have the option to host their own secondaries, or can choose to have Atsign host them. Either way, data management becomes simpler and more secure as all connections are end-to end encrypted. It is not just a matter of securing the network, but also the data.

Come Talk to Us

To learn more about how you can scale your IoT simply and securely, drop us a line, we’re happy to chat about our open-source tech!

Set up a demo or chat with our team: iot@atsign.com

Photo by Zach Vessels on Unsplash