Input your search keywords and press Enter.

Cloudflare Bolster Defences for Internet of Things

Lockitron is one of the IoT companies using Cloudflare.  “Cloudflare provides an extra layer of security that allows us to keep our devices continually updated and ahead of any vulnerabilities,” says Paul Gerhardt, co-founder of Lockitron. Instead of writing and shipping a patch, IoT companies can write logic on Cloudflare’s edge, and write their own firewall rules to run on Cloudflare, and it updates the Cloudflare Orbit layer immediately, for all of their devices, without their users ever being so much as nudged to install something. Plus, with requests going through Cloudflare, Cloudflare can compress transmitted data and speed up traffic, meaning less time is spent waiting on open connections and more time left in the battery. A common challenge we heard from IoT device manufacturers was how to authenticate devices and know which connecting clients have authorised company devices, and which were bots only pretending to be. Cloudflare now offers Enterprise domains TLS Client Authentication, a TLS handshake where the client authenticates the server’s certificate (as with any TLS handshake) and the client has a certificate that the server authenticates. With Client Authentication on Cloudflare, Cloudflare’s edge handles the load of the TLS handshakes, validating the device client certificates, and only sending the IoT infrastructure traffic from authorised devices.

“We are at the beginning of a new era in which a vast number of devices will be connecting to the Internet and security will play a critical role in the successful roll-out and adoption of IoT devices. Cloudflare’s Orbit adds another layer of defence that complements other security measures such as strong hardware-based device security and helps ensure a safer Internet of Things.” — Quinn Li, VP, and global head of Qualcomm Ventures, the investment arm of Qualcomm Incorporated, the leading supplier of components for IoT devices.

Leave a Reply

Your email address will not be published. Required fields are marked *