A smartphone user’s guide to data security for cellular IoT

Smartphones vs IoT- The difference in data security

When we turn our attention to IoT devices, we want to have the same confidence that the data we send and receive is secure and can be trusted and that any commands we send to devices are received intact and unmodified.

However, the low power nature of many IoT devices presents a set of challenges:

But we still want that absolute level of confidence and trust.

Thankfully there is a solution that can deliver the confidence in cellular data that we need.  Whereas smartphone apps leverage end-to-end encryption, cellular IoT devices can instead use the security features of Pelion IoT Connectivity as part of a series of data security solutions to achieve the same level of data confidence throughout the transmission chain.

When data leaves a cellular device, it is encoded as per the GSMA standards to ensure eavesdropping can’t occur during the radio transmission to the nearest cell tower.  In the days of analog phones, it was possible to listen in on calls by tuning a receiver to the appropriate channel.  But, with digitization and the random encoding of data, that’s no longer a problem.

The next hop for data is through the cellular service provider’s core network equipment until it reaches an Internet egress point.  The physical path for data is via private connections with connections routed using the fastest and logically shortest routes possible.

The final stage is for the data is to be routed across the Internet to the destination server.  This stage is critical; without additional security precautions, this hop is performed in the clear, and it is at this point that data can be attacked by monitoring, re-routing, and modifying.  In the journey of our data from device to cloud, this step constitutes the most significant risk.  Without an on-device encryption solution you’d be forgiven for thinking that it wouldn’t be possible to fully trust the data received from low-cost cellular IoT devices fully.  Still, we have a solution with Pelion IoT Connectivity.

Pelion IoT Connectivity ensures that data from devices using our SIMs is routed through the core cellular networks and through to the Internet via dedicated, private egress points.  Managing and monitoring this flow of data as it transitions from the cellular core systems to the internet gives us two essentials tools that we can use to secure the communications and so that you can trust your data:

With security solutions covering the three stages of the data path between cellular devices and destination servers, you can have confidence in Pelion's ability to instill the required level of trust in your IoT data.

For those seeking even higher security levels, over-and-above protecting data transmissions during the cellular journey, then you can also bring in Pelion Device Management functions such as per-packet data encryption, and managed and validated software update tools to ensure your devices are running the latest software and security patches.  Additionally, Pelion delivers tools that monitor your devices' operational health, detecting real-time operational issues before they become a problem.