IoT Security Solutions

Our Security Partners

Corvalent takes security seriously, and has partnered with two outstanding security companies:  Intrusion and helpsystems as well as security risk and compliance assessment company SecurityGate.io.  Not every customer requires this level of protection, so please reach out to Corvalent and discuss your security desires and needs at your convenience.

The people at Intrusion come from various United States “three-letter agencies” and have a background in protecting our nation’s sensitive secrets.  Intrusion uses unique and highly effective methods designed to protect individual companies from threats, not just based on signatures of known viruses and malware.

Helpsystems has one of the most advanced Security Operations Center (SOC) in the world in private hands, and provides a wealth of software and hardware tools.  They provide Active Threat Detection and Active Threat Mitigation monitoring as well as our Linux endpoint (Edge computer) software.

For corporate clients, our relationship with SecurityGate.io provides for security risk assessment and risk management against various standards, including NIST, NERC CIP, CMMC, DFARS, Oil and Natural Gas Subsector Cybersecurity (ES-C2M2), Maritime Cyber Assessment, and dozens of other frameworks.  SecurityGate.io covers Governance, Risk, Compliance, and Audit.

IIoT Security

More than ever, Industrial IoT (IIoT) security must be built into every aspect of the solution. Prevention of hacking, implantation of viruses, ransomware, and many other threats has to be considered a key attribute of any enterprise software solution in the cloud, on-premises servers, edge computers, and every data link along the path.

  1. Network security: IoT networks are predominately wireless now, as wireless overtook wired global internet traffic back in 2015. This makes security far more challenging than with traditional wired networks due to the variety of emerging RF and wireless communication protocols and standards.  Corvalent’s CAT-APM uses Transport Layer Security (TLS) and session tokens.  Edge computers can be protected using some of the most advanced endpoint security available (from Helpsystems, using the McAfee security engine.  Active Threat Monitoring and Active Threat Detection can be offered as well.
  2. Authentication:  IoT devices must be authenticated by all legitimate users.  Methods to achieve such authentication range from static passwords to two-factor authentication, biometrics, and digital certificates.  CAT-APM uses logins with passwords, and two-factor and/or Single Sign On can be implemented.
  3. Encryption:  Encryption will be needed to prevent unauthorized access to data and devices. This will be difficult to ensure due to the variety of IoT devices and hardware profiles. Encryption must be part of a complete security management process. CAT APM encrypts both data at rest, and data in flight, using SHA-256.
  4. Security analytics and threat prediction:  Not only must security-related data be monitored and controlled; it should also be used to predict future threats. It has to complement traditional approaches that look for activities that fall outside of an established policy. Prediction will require new algorithms and can even involve the application of artificial intelligence (machine learning) to access non-traditional attack strategies.  CAT-APM can include security dashboards if desired.
  5. Interface protection:  Most hardware and software designers access devices via an application programming interface (API). Securing these interfaces requires the ability to authenticate and authorize devices that need to exchange data (hopefully encrypted). Only authorized devices, developers, and applications should be capable of communication between secure devices.
  6. Delivery mechanisms:  Continuous updates and patches will be needed to deal with the constantly changing tactics of cyber attackers. This will require expertise in patches, essentially fixing gaps in critical software on the fly.

See How We Can Help

The bottom line is this: Corvalent relies upon world-class experts to work with our clients to fashion a security system that protects the client’s data, computers, and infrastructure. We do not rely on just software engineers and developers to create security – we use the very best and make them available to you.

Please feel free to reach out to Corvalent and discuss your security desires and needs at your convenience.