Increased investment in IoT is paving the way for a new phase of fully digitalized supply chain management. The trend was largely influenced by the pandemic-related workforce layoffs and mandatory state lockdowns. Smart logistic solutions offer an entirely new level of flexibility and efficiency and require less human capital to supervise and maintain operations, making them economically resilient.
Vincentas Grinius, CEO at IPXO, noted a few vulnerabilities concerning an IoT-driven supply chain, which should be considered to avoid leaving any open doors for external threats.
External Security Gaps
Each IoT device needs an IP address to access the organization’s network to send or receive relevant information. However, IoTs are usually set up on public IP addresses, meaning they are visible for all internet users. This could lead to a serious external data breach, which could potentially take down the entire supply chain structure.
“Each IP address needs to be validated by an encrypted certificate, either LOA or ROA,” Grinius said. “The difference between them is that the latter is digital, hence, more secure and tamper-proof. However, the majority of IPs in the industry are still under LOA certificate. Thus, for IoTs operating on LOA-verified IP addresses, the risk of breach becomes significantly higher.
“ROA is crucial in terms of preventing IP hijacking and securing network integrity,” he continued, “and should become common practice, as it could better protect the entire infrastructure.”
Robust Network Perimeter
Controlling a large number of IoT devices requires setting up a robust network perimeter. As malware is becoming more and more technologically sophisticated, Grinius emphasized regular security protocol updates, as some of the threats may be in the making, and timely upgrades are key in detecting any new red flags.
“The IoT industry is still evolving; therefore, we may not even be aware of some of the associated threats,” he said. “Building a robust network perimeter, as well as making sure all of the security policies are up to date remains vital to prevent outside attacks.”
Tracking IoT-related traffic may be the difference between catching a threat just in time or a little too late. Being able to distinguish any abnormalities is relevant to long-term security, as previously deemed suspicious traffic would be red-flagged on the spot.
“Sometimes real-time data is not enough,” Grinius said. “Analyzing historic data enables you to dive deep into network forensics and make deductions if an intruder has been trying to knock down your defenses, and reiterate accordingly. Isolating patterns previously identified as malicious allows us to not fall victim to recurring threats, and keep a watchful eye on any new malware that might be emerging.”
IoT offers a great deal of manufacturing flexibility, and, if all security shortcomings are addressed, will bring supply chain management up to an entirely new level of efficiency, helping businesses recover and thrive in the post-pandemic economy.