IoT at the Edge
Showing results for 
Search instead for 
Did you mean: 

The daunting task of securing the Internet of Things and Big Data


By Reiner Kappenberger
Global Product Manager, HPE Security – Data Security

The task of protecting sensitive data already holds a major risk. Big Data use cases such as real-time analytics, centralized data acquisition and staging for other systems require that enterprises create a “data lake” — or a single location for the data assets, which makes for an easy target for attackers. This is where perimeter security is critical, but also increasingly insufficient – it takes, on average, over 200 days before a data breach is detected and fixed.

On top of the increasing risk of data breach, the Internet of Things adds a physical risk. Many connected devices allow consumers to control their environment, like opening and closing the door to their homes with their cell phones. Without sufficient and innovative security technology, there is nothing to prevent attackers from impersonating the device user, or the service provider to exploit these controls. While security mechanisms like SSL, 2-factor authentication, and certificate pinning can offer some protection, these best practices are usually an afterthought and are often not part of the design.

As the number of IoT connected devices in the enterprise multiplies, and the amount of data collected grows exponentially, organizations will need to act quickly, and adopt new security methodologies and best practices in their Big Data projects and IoT offerings.

New threats call for new solutions

The marketplace is responding to these growing physical and data perimeter risks with innovative approaches to encryption that focuses on protecting the IoT data itself throughout the entire ecosystem.

IoT is borrowing from the Point-of-Sale (POS) encryption methodology book: data transmitted from the card reader to the POS terminal is encrypted inside the card reader and thus not usable by attackers.

Similarly in IoT, specific data fields containing sensitive information collected by a connected device can be protected using a special form of encryption called Format-Preserving Encryption (FPE). FPE secures sensitive data from both insider risk and external attack, while the values in the data set remain unchanged for analysis.

Using FPE to encrypt data values on a field level removes risk and enables protection against remote takeover of an IoT device— the biggest threat to IoT security.

Raise your IoT defense at HPE Discover 2016

Because companies across industries will be deploying and using IoT technologies to a great extent in the near future, Hewlett Packard Enterprise wants to help its customers get ahead of the IoT security challenge.

Join me at Session BB8617 at HPE Discover 2016, June 7-9 in Las Vegas, to learn more about how IoT technologies increase the threat landscape. In this session, titled “Securing Sensitive Data for Big Data and IoT,” I will explain why traditional security approaches fall short in IoT. I will also introduce security methods such as (FPE), and explain how they can be combined with HPE Security ArcSight and HPE Security Fortify solutions to reduce the risk of attacks both on the back end infrastructure as well as the device.

Sign up for this session with the HPE Discover 2016 Agenda Builder. If you haven’t registered for Discover yet, there’s still time!

I look forward to seeing you there!

Related links:


About Reiner:

thumb_am_kappenbe_1101.jpgReiner Kappenberger is Global Product Manager (Big Data/Hadoop) at HPE Security – Data Security, with over 20 years of computer software industry experience focusing on encryption and security for Big Data environments. His background ranges from device management in the telecommunications sector to GIS and database systems. He has a Diploma in computer science from the FH Regensburg, Germany.


D16LV_facebook_cover_image.pngThe Internet of Things (IoT) at HPE Discover 2016 Las Vegas

Empowering the Digital Enterprise to be more efficient and innovative through data-driven insights from the Internet of Things (IoT)
0 Kudos
About the Author


Read for dates
HPE at 2019 Technology Events
Learn about the technology events where Hewlett Packard Enterprise will have a presence in 2019.
Read more
Read for dates
HPE Webinars - 2019
Find out about this year's live broadcasts and on-demand webinars.
Read more
View all