Internet of Things: cyber security by Deutsche Telekom

• Secure ID verification certificates from Telekom
• Fully automated ID management for the IoT
• Machines can be clearly identified

Worldwide, some 6.4 billion devices are connected to the network. By some estimates, this figure will climb to 25 billion by 2020. Whether a refrigerator or industrial robot: most things in life were never conceived to be available via the global network. As a result, they are often vulnerable to cyber attacks due to a lack of adequate protection. Deutsche Telekom is now making the Internet of Things, or IoT for short, more secure. It is introducing a new protective layer to the device network using certificates from the T-Systems Trust Center. These certificates update themselves completely automatically, which means customers themselves are able to determine exactly how a digital identity is set up and the level of authentication required. Services are thus tailored precisely to customers' needs.

Every "thing" has its own identity
The certification authority at T-Systems assigns each device on the network a unique and easily verifiable identity. This ensures that only authorized individuals can access exactly the devices that need accessing, and that all communication partners are really who they say they are. For example, if a car autonomously contacts the head office to check for control unit updates, the manufacturer needs to be certain that the car is genuinely one of its own and, above all, that the right information for the specific model is sent. The car therefore has a personal and unique identity.

"The Internet of Things opens up the network to attacks by cyber criminals on a huge scale. Our IoT solution keeps the playing field as small as possible for attackers," says Ferri Abolhassan, Director of T-Systems, and Head of the IT Division and Telekom Security. "The new product in our Magenta Security portfolio offers a strong protective shield, which is what customers want. The level of interest in our new service is enormous," says Abolhassan.

T-Systems: certification experts
The certification authority for the IoT uses cryptographic algorithms that incorporate the recommendations of the German Federal Office for Information Security, as well as innovations and industry standards. Frequent independent audits and certification processes maintain these high standards.
T-Systems, which offers this new service, has a strong background in certificate management. The Deutsche Telekom subsidiary operates one of the largest certification management systems for a range of application scenarios in Germany (public, energy, automotive, transport, corporate, and many more). It currently processes up to 85 million inquiries on certificate status every day, has issued 230 million certificates for the electronic health card, and operates the central certification authority for the smart meters of the future.

Ferri Abolhassan has given an interview on the issue of security in the Internet of Things (IoT) environment, which can be found here.

11 ways to stay safe in the Internet of Things (IoT):

1. Give due attention to security right from the start: Upgrading later on is always difficult.
2. Be aware of what is connected: Knowing exactly which devices are connected and how is essential to keeping them better protected and monitored.
3. Don't think every last thing has to be connected: Be economical: Only link up what needs to be linked and is useful.
4. Keep data communication down to the essentials: So devices on the network will only communicate under specific, predefined circumstances.
5. Separate critical systems from non-critical systems: For example, don't connect industrial plant controllers with office communication networks.
6. Create logical areas: Set up logical sub-divisions within the overall system to keep damage down to a minimum in the event of a successful attack.
7. Use penetration tests: Check vulnerability beforehand to help prevent attacks before they happen.
8. Keep software up to date: If all systems were updated on time worldwide, 95 percent of attacks could be prevented.
9. Encrypt connections between things: Encrypt communication to stop information from being intercepted en route.
10. Use certificates to verify the identity of all things: So only authorized individuals can access exactly the devices that need accessing.
11. Use strong partners: Seek expert assistance in case of uncertainty and have an end-to-end protection concept drawn up by a company such as Deutsche Telekom.

About Deutsche Telekom
Deutsche Telekom is one of the world’s leading integrated telecommunications companies with more than 156 million mobile customers, 29 million fixed-network lines and around 18 million broadband lines (as of December 31, 2015). The Group provides fixed-network/broadband, mobile communications, Internet and Internet-based TV products and services for consumers, and ICT solutions for business customers and corporate customers. Deutsche Telekom is present in more than 50 countries and has around 225,200 employees worldwide. The Group generated revenues of 69.2 billion euros in the 2015 financial year – around 64 percent of it outside Germany.

About T-Systems
Drawing on a global infrastructure of data centers and networks, T-Systems operates information and communications technology (ICT) systems for multinational corporations and public sector institutions. On this basis, Deutsche Telekom's corporate customer arm provides integrated solutions for the networked future of business and society. Some 50,000 employees at T-Systems combine industry expertise with ICT innovations to add significant value to the digitization strategies and core business of customers all over the world. The corporate customers unit generated revenue of around 9.5 billion euros in the 2013 financial year.