Challenge: IoT Software Security Issues and Inability to Scale
A large industrial company needed to rapidly deploy an IoT data product to the global market. The company had attempted to work with an outsourcing agency, but the agency lacked the DevSecOps knowledge required to understand the complexity, security and challenges surrounding a multi-tenant, multi-device solution. The original architecture was built by non-infrastructure engineers; many of its components were built specifically for the IoT software, which prevented its extension to other devices and limited its overall security. Unfortunately, the project was continuously delayed and ultimately stagnated, suffering from numerous IoT security issues.
Solution: A Secure Compliant Data Platform and DevSecOps Expertise
New Context deployed a small team of specialists to set up a secure architecture and get the project back on track. Since the client trusted New Context’s expertise, the team seized the initiative to rebuild the IoT software project from the ground up and went to work implementing well-established and accepted standards, in concert with the client’s development team. They mentored the development team in DevSecOps methodologies and software development best practices. They addressed common issues, like the structure of code repositories, the testing and setup of CI/CD pipelines, and containerization. Additionally, the New Context team developed an API contract that provided structure and standards for the development of platform endpoints, and built a framework for the secure compliant data platform, which provided three vital functions:
- IoT Command and Control;
- Collecting analytics data from the client’s devices; and
- Data Science platform – data analytics, machine learning, AI, aggregation.
As always, New Context began the project build with end-to-end IoT software security at the forefront of their minds. This included the use of OAuth, role-based access control and mutual Transport Layer Security (mTLS) authentication, allowing and automating two-way authentication between servers and clients. The project infrastructure was designed for cloud-native deployments and optimized to allow client development teams to develop, deploy, and maintain services for the data platform. The use of an application programming interface (API) management layer introduced a north-bound and south-bound architecture that also allowed for continuous development and deployment of services without introducing client-side changes.
Conclusion: Scalable and Secure IoT software
In the end, it was New Context’s leadership and DevSecOps expertise that proved indispensable, ensuring that the client was able to understand and implement industry best practices, and to develop and secure its IoT software. Now armed with that knowledge, the client reaps the financial benefits of employing a secure compliant data platform that can easily scale and upgrade devices enterprise-wide at will. Most importantly, the client is able to reuse and employ that critical knowledge to accelerate its future projects to market.