The Pulse Secure Blog

Exploring and Discussing Secure Access Trends and Technologies

Securing Smart Cities with Pulse Secure Access

WHAT IS A SMART CITY?

Development of the smart city has progressed aggressively over the past few years. A smart city uses information and communication technologies to improve common operational efficiency in energy and water supply, public health, safety management, and transportation. The goal of a smart city is to provide superior public services, high-speed communication, and a better quality of life.

The core technology behind these cities is the Internet of Things (IoT). IoT solutions are composed of connected structures with internet-enabled sensors which collect data that can be used for analytic purposes.

Studies show that IoT-enabled smart cities add benefits of time management, reduced administrative overhead, and quicker crisis response time. For example, studies show connected health services save citizens 10 hours per week, mobile productivity apps simplify common administrative tasks to a savings of 21 hours per week, and mobile public safety applications save 35 hours per year by helping law enforcement response times. Once perfected, IoT could eradicate cities of traffic jams and drastically reduce crime rates.

SMART CITY SECURITY CONCERNS

Although the benefits of smart cities and IoT are undeniable, security experts worldwide are concerned about the introduction of vulnerabilities and data theft. The potential for millions of IoT sensors also brings a wide “surface area” for hackers to attack. Compromised security systems, medical monitors, and any IoT device could pose life-and-death risks. The consequences could be severe if bad actors shut down a city’s power grid or water supply. Collaboration between IoT vendors and access control technologies may invoke product incompatibility issues that introduce security weaknesses and vulnerabilities.

Cities need to protect sensitive assets by surrounding them with the most rigorous of security controls.

Applying appropriate network access-control measures will ensure the privacy of proprietary information of citizens, governments, research partners, universities and digital infrastructure.

Mission-critical IoT applications should have high levels of security before they are adopted on a large scale. Cities will have to develop cybersecurity expertise and stay abreast a volatile threat environment. Proper incident response policies and remediation processes should be enacted and practiced.

WHAT SECURITY SAFEGUARDS SHOULD SMART CITIES ADOPT?

Several security best practices should be followed to protect smart city IoT environments from potential life threatening cyber threats:

VISIBILITY

Complete knowledge of all connected devices is critical to IoT security. Without complete visibility, security of the network is limited.  “This is a critical area,” says Ruggero Contu, research director at Gartner Inc. “One key concern for enterprises is to gain full visibility of smart connected devices. This is a requirement to do with both operational and security aspects.” (Violino, 2018)

For some organizations, “this discovery and identification is about asset management and less about security,” says Robert Westervelt, research director of the Data Security Practice at International Data Corp. (IDC). “This is the area that network access control and orchestration vendors are positioning their products to address, with the added component of secure connectivity and monitoring for signs of potential threats.” (Violino, 2018)

Companies should take a thorough inventory of everything on the IoT network and search for forgotten devices that may contain back doors or open ports.

SECURE REMOTE ACCESS

Remote-access to on-premises, cloud, or hybrid network resources has historically introduced security weaknesses. Smart cities looking to expand their IoT infrastructure will require extensive private contractor access more than ever. Proper security controls that allow, deny, and log remote access through mobile, VPN, and guest wireless networks should be implemented.

ANALYTICS TO UNDERSTAND IoT DEVICE BEHAVIORS

Benchmarking IoT device behaviors helps in the building of security policy and determining suspect malicious activity and filtering false-positives. The practice of data aggregation and analytics from a centralized management platform or SIEM serves well for enterprise companies with potentially millions of IoT devices to monitor.

CENTRALIZED MANAGEMENT

Optimizing the task of managing potentially millions of IoT sensors is best accomplished through a single management platform in a IT operations center. Aggregation of device logging, centralized policy management, automated device remediation, and single-pane monitoring simplify the administrative overhead of IoT devices while improving time to remediation and business recovery scenarios.

CONCLUSION

Smart and connected devices can be applied in a variety of scenarios throughout any city. IoT technologies and architecture play a significant role in smart cities. Use of big-data and analytics streamline municipal management processes and improve overall daily life for citizens. For smart cities to continue their growth through IoT, better and smarter network access control systems should be implemented to track and manage IoT infrastructure and secure data and resources from cyber threats.

Check out our other IoT blogs to learn more:

Manufacturing Secure Access for Industrial Internet of Things (IIoT)

Expansion of IoT within Industrial Organizations

The Right IoT Mindset for 2018 and Beyond