IoT Security Overview from McAfee’s IoT Insights Day

By McAfee on Dec 09, 2014

Now that organizations are more interested in connecting their operational infrastructure and leveraging IoT advancements to reduce costs and increase revenues, we're seeing much more interest in cyber security in OT and industrial control environments. It is a tough problem: protection strategies for connected operational systems must not degrade system performance or resiliency, and they must scale. One of our partners shared a Norwegian proverb: "experience is a great teacher, but the tuition is very expensive." We think it's appropriate here, as McAfee brings decades of security experience to help our customers achieve their IoT aspirations quickly and cost-effectively.

So, in the spirit of sharing McAfee's expansive resources and experience, we're announcing two things today: an IoT solution that increases the security management capability of the McAfee IoT Gateway, and an identity technology that will enable interoperability between device manufacturers…

Our customers can now use McAfee ePolicy Orchestrator (ePO), McAfee's industry-leading security management product, to manage device, software and data security on the gateway. Extending ePO's reach to the gateways provides more complete and real-time situational awareness of the end-to-end security posture of IoT deployments, allowing IT and Operational Technology (OT) security context to be merged for greater and more actionable intelligence.

In case you don't know ePO, here are just a few reasons why it is favored among market-leading companies to protect their businesses:

  • ePO provides a converged security point of reference across the IT, and now OT, infrastructure, with broad support for devices (including Mac and Linux systems), data, email/web security, and risk/compliance; a single server scales to manage more than 100K nodes, and deployments expand to protect millions of devices
  • An open, scalable architecture lets customers manage over 80 McAfee products as well as security products from over 100 Security Innovation Alliance partners
  • User-friendly, interactive, web-based dashboards in a customizable drag-and-drop environment
  • ePO now offers the flexibility of a traditional on-premise deployment, a cloud-based version, or a combination of the two, so current on-premise ePO IT capability can be integrated quickly with new IoT cloud deployments

Leveraging ePO across IT and OT can be a critical strategy for unifying security management across the stakeholder chains prevalent in IoT. ePO is one of the few solutions in existence that can scale to IoT levels: we have over 35,000 customers and 70 million nodes, and one installation with 5 million end devices under management. Advanced security monitoring and management of the disparate yet connected platforms common in IoT deployments is a unique capability ePO delivers; it can significantly decrease operational costs and maintain IoT quality of service by improving resiliency against cyber-attacks.

For IoT security, device identity is a fundamental building block. Establishing a basis for trust, authentication, inclusion in relevant system relationships, and authorization for data access and actuation are all strengthened by the presence of an immutable, hardware-based identity.

Intel, McAfee's parent company, ships an identity technology in its processors and SoCs called Enhanced Privacy ID, or EPID, that accomplishes these goals. EPID has also been contributed to ISO/IEC (20008 and 20009) and to TCG standards. EPID delivers an immutable, hardware-based identity, but goes further by allowing that identity to be used anonymously: a device proves that it is a member of a group rather than identifying itself as an individual, and the verifier learns only the group membership. Unlike a conventional group signature, there is no opening authority that can later de-anonymize the signer; misbehaving members are handled through revocation lists instead. This is the privacy-enhancing portion of the technology. Privacy will become more and more of a concern as data from IoT accumulates and big data analytics allow unprecedented insights. Protecting identity will be a paramount concern.

As an example, one of the IoT "devices" that will know the most about us is our connected car. To envision how EPID can enable IoT services while protecting privacy, imagine that there is a "Traffic Light Authority of North America", TLANA for short. For cars subscribed to TLANA's services, special functions are available in the car: synchronizing fuel-saving features with light changes, alerts of approaching emergency vehicles, possibly even a mechanism to declare an emergency itself to prioritize the signal. With EPID we can securely enable these services for the group of authorized cars without identifying any car specifically, hence protecting privacy. The caveat a practitioner should keep in mind is that the anonymity holds at the signature layer only: if the application attaches a license plate, a cellular subscriber identifier, or a stable session token to the same request, that identifier, not the EPID signature, is what de-anonymizes the car.
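The group-membership idea in the two preceding paragraphs, as an added illustration that is not McAfee's or Intel's code and is not EPID: a toy ring signature (the Abe-Ohkubo-Suzuki construction, Schnorr proofs over a safe-prime group) in which a car proves it holds one of the keys published by the hypothetical TLANA authority without revealing which one, and a car that is not in the group cannot produce a valid signature. The authority, the message text, the three-car group and the 128-bit parameters are all constructed for the example. EPID itself is pairing-based, has a group issuer that provisions per-member keys, and supports revocation; this toy shows only the "member of a group, not an individual" property.

```python
"""Toy ring signature (Abe-Ohkubo-Suzuki style) over a safe-prime group.
Illustration of group-based anonymous authentication; NOT EPID, and the
128-bit parameters are far too small for real use."""
import hashlib
import secrets

_SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53,
                 59, 61, 67, 71, 73, 79, 83, 89, 97]


def is_probable_prime(n, rounds=20):
    """Miller-Rabin after trial division by small primes."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def setup(bits=128):
    """Group parameters (p, q, g): p = 2q + 1 is a safe prime and g = 4 is a
    quadratic residue, so it generates the prime-order-q subgroup."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4


def keygen(params):
    """Per-device key pair: private x, public y = g^x mod p."""
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def _challenge(params, msg, ring, commit):
    """Fiat-Shamir challenge in [0, q) bound to message, whole ring, commitment."""
    p, q, _ = params
    width = (p.bit_length() + 7) // 8
    h = hashlib.sha256(b"toy-ring-sig|" + msg)
    for y in ring:
        h.update(y.to_bytes(width, "big"))
    h.update(commit.to_bytes(width, "big"))
    return int.from_bytes(h.digest(), "big") % q


def ring_sign(params, msg, ring, idx, x):
    """Sign msg as 'some member of ring'; x is the private key for ring[idx].
    The returned signature (e0, s-list) carries no indication of idx."""
    p, q, g = params
    n = len(ring)
    e, s = [0] * n, [0] * n
    r = secrets.randbelow(q - 1) + 1
    e[(idx + 1) % n] = _challenge(params, msg, ring, pow(g, r, p))
    j = (idx + 1) % n
    while j != idx:  # simulate every other member with a random response
        s[j] = secrets.randbelow(q)
        commit = (pow(g, s[j], p) * pow(ring[j], e[j], p)) % p
        e[(j + 1) % n] = _challenge(params, msg, ring, commit)
        j = (j + 1) % n
    s[idx] = (r - e[idx] * x) % q  # only this step needs the private key
    return e[0], s


def ring_verify(params, msg, ring, sig):
    """Recompute the challenge chain from e0; valid iff it closes on itself."""
    p, q, g = params
    e0, s = sig
    if len(s) != len(ring):
        return False
    e = e0
    for y, sj in zip(ring, s):
        e = _challenge(params, msg, ring, (pow(g, sj, p) * pow(y, e, p)) % p)
    return e == e0


def demo():
    """Three enrolled cars; car 1 requests priority; an outsider tries the same."""
    params = setup()
    keys = [keygen(params) for _ in range(3)]
    ring = [y for _, y in keys]                   # published by the made-up TLANA
    msg = b"emergency: request signal priority"  # constructed sample request
    sig = ring_sign(params, msg, ring, 1, keys[1][0])
    outsider_x, _ = keygen(params)                # key not enrolled in the group
    forged = ring_sign(params, msg, ring, 1, outsider_x)
    return {
        "member_ok": ring_verify(params, msg, ring, sig),
        "tampered_rejected": not ring_verify(params, b"routine ping", ring, sig),
        "outsider_rejected": not ring_verify(params, msg, ring, forged),
    }


if __name__ == "__main__":
    print(demo())
```

The verifier sees only the ring of public keys, the message and the (e0, s) pair, so a relying party such as the traffic authority can confirm "an enrolled car sent this" and nothing more; every position in the ring is equally consistent with the signature.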

At the McAfee IoT Insight Day, McAfee announced that we're taking the step of working with other silicon manufacturers to implement EPID. Since EPID is foundational to many of the end-to-end security and management services in the McAfee IoT Platform, this will provide an entry point for devices built on non-Intel processors. By collaborating with other processor and micro-controller manufacturers we can strengthen IoT security end-to-end.

About the Author


We're here to make life online safe and enjoyable for everyone.
