The Data Protection Best Practices White Paper published by the Industrial Internet Consortium (IIC) lays out the data protection best practices that manufacturers can take to secure their data in the industrial internet age.
Data comes in many different forms, including operational, personal, audit, configuration, and system data, which complicates choosing the proper protection for it, especially in a complex IIoT system.
Security is typically the first step an organization should take when it comes to data protection. In this white paper, security is covered in five sections: key management, root of trust, authentication, access control, and audit and monitoring. The paper then drills down into more specifics and establishes how organizations can use the information provided.
- Key Management: It's important to understand that managing keys, like managing passwords, is an integral step in making sure that only authorized users can access the secured data. Though it may seem obvious, generating keys from a strong random source, rotating them, and backing them up is the first step toward proper protection.
- Root of trust: Build in multiple layers of security, each with its own defenses, because most Internet of Things (IoT) devices are designed for low cost and low resource consumption, which leaves them vulnerable to attack.
- Authentication: As with key management, this may seem obvious, but it is often overlooked. Authentication, in this case, is combined with encryption: data should be kept encrypted and accessible only to those with the proper credentials.
- Access Control: Data protection should, first and foremost, prohibit unauthorized access. As with authentication, only those holding the proper key should be able to access specified data.
- Audit and Monitoring: This step, in the grand scheme, is about making sure that all the other steps are working as established: confirm that the system is running properly, that everyone has only the access they were granted and has been validated, and that it continues to operate without incident.
“Security is the cornerstone of data protection. Securing an IIoT infrastructure requires a rigorous in-depth security strategy that protects data in the cloud, over the internet, and on devices,” said Niheer Patel, product manager, Real-Time Innovations (RTI) and one of the paper’s authors.
Once an organization’s data is secured following the steps laid out by the IIC in the paper, it’s time to be sure that the data is valid, accurate, and not tampered with or destroyed in any unauthorized way.
Data integrity is important to ensuring that operations run smoothly. Because data passes through multiple phases throughout its lifecycle, violations of data integrity are likely, whether by malicious actors or through unintentional corruption during communication or storage. So it is important to continuously verify data and ensure that it is intact and protected.
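As an added example (not code from the IIC paper or from this article), the following Python shows one way to put the "continuously verify" point above into practice, together with the key rotation mentioned under key management: each record is sealed with an HMAC-SHA256 tag under a versioned key, so alteration in transit or storage is detected on re-check, and rotating to a new key does not break verification of records sealed earlier. The class and function names (KeyRing, seal, verify), the key-id scheme, and the sample sensor reading are assumptions constructed for illustration.

```python
import hmac
import hashlib
import json
import secrets
from typing import Dict, Tuple


# Hypothetical key ring (an assumption, not the IIC's design): versioned
# HMAC keys so that rotation does not invalidate records sealed earlier.
class KeyRing:
    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}
        self.current: str = ""
        self.rotate()

    def rotate(self) -> str:
        """Generate a fresh 256-bit key from the OS CSPRNG and make it current."""
        key_id = f"k{len(self._keys) + 1}"
        self._keys[key_id] = secrets.token_bytes(32)
        self.current = key_id
        return key_id

    def get(self, key_id: str) -> bytes:
        """Look up a key by id; raises KeyError for an unknown id."""
        return self._keys[key_id]


def canonical(record: dict) -> bytes:
    # Stable serialization (sorted keys, no whitespace) so the tag covers
    # exactly the same bytes on every node that later re-checks it.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def seal(ring: KeyRing, record: dict) -> dict:
    """Return a copy of record carrying an HMAC-SHA256 tag and the id of the key used."""
    key_id = ring.current
    tag = hmac.new(ring.get(key_id), canonical(record), hashlib.sha256).hexdigest()
    return {**record, "_kid": key_id, "_tag": tag}


def verify(ring: KeyRing, sealed: dict) -> bool:
    """True only if the tag matches under the named key.

    Returns False for a modified body, a missing tag or key id, or a key id
    the ring does not hold (e.g. a record forged under someone else's key).
    """
    body = {k: v for k, v in sealed.items() if k not in ("_kid", "_tag")}
    kid = sealed.get("_kid")
    tag = sealed.get("_tag")
    if not isinstance(kid, str) or not isinstance(tag, str):
        return False
    try:
        key = ring.get(kid)
    except KeyError:
        return False
    expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(expected, tag)


# Constructed sample: one sensor reading as it might leave an IIoT device.
SAMPLE = {"device": "pump-07", "ts": 1700000000, "pressure_kpa": 412.5}


def demo() -> Tuple[bool, bool, bool]:
    """Seal a record, detect a tampered copy, and confirm rotation keeps old records verifiable."""
    ring = KeyRing()
    sealed = seal(ring, SAMPLE)
    ok = verify(ring, sealed)
    tampered = {**sealed, "pressure_kpa": 999.0}  # value altered in transit or storage
    ring.rotate()                                 # new records use the new key...
    still_ok = verify(ring, sealed)               # ...while older records still verify
    return ok, verify(ring, tampered), still_ok


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

The tag is keyed, so a party that can modify stored data but does not hold the key cannot recompute a matching tag; a plain hash would not give that guarantee. Retaining old keys for verification only (never for sealing new records) is what lets rotation proceed without re-sealing the whole archive.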
This is especially relevant when it comes to handling personal data, as this data must be protected in accordance with privacy laws and regulations, which are wide-ranging in scope and stringency. The IIC paper focuses on the EU General Data Protection Regulation (GDPR).
Because of the specificity of some laws regarding personal data, the IIC writes, “Personal data collected from data subjects must be reduced to the lowest levels necessary for the specific purpose of the processing.” This data should also be kept confidential and only be accessible by those with the right credentials.
Failure to keep personal data secure can lead to serious consequences, including revenue and profit loss, non-compliance fines, financial and criminal exposure, and reputational damage, that can have long-term effects on the organization.
“Protecting IIoT data during the lifecycle of systems is one of the critical foundations of trustworthy systems,” said Bassam Zarkout, executive vice president, IGnPower, another one of the paper’s authors. “To be trustworthy, a system and its characteristics, namely security, safety, reliability, resiliency and privacy, must operate in conformance with business and legal requirements. Data protection is a key enabler for compliance with these requirements, especially when facing environmental disturbances, human errors, system faults, and attacks.”