With Cloudflare Orbit, IoT manufacturers can add an additional layer of security on top of the individual Internet-connected devices via Cloudflare’s high-powered global network, taking IoT security beyond what is possible when relying solely on the security of the device.
In working with IoT manufacturers to develop Orbit, Cloudflare realized the usual device security model, based on the PC approach to user-installed patches, was deeply flawed. There will be 22.5 billion IoT devices in 2021, far outnumbering PCs, and that number will continue to grow. There is no magic bullet that will allow IoT developers to write perfect, bug-free code. And there is no way end users can be expected to upgrade each IoT device the way they needed to with their PCs.
IoT devices need a new security model, and Cloudflare’s Orbit provides a critical component of that new model. With Orbit, IoT manufacturers can configure their devices to only connect to the Internet through Cloudflare’s network. Then, if there is a security vulnerability, the IoT manufacturer can perform a “virtual patch,” across all of their devices, simultaneously. This layer of security complements on-device security and can protect the device even if it is running vulnerable or outdated code.
“The PC-era model of on-device security didn’t work very well for PCs and definitely won’t scale to protect the Internet of Things,” said Matthew Prince, co-founder and CEO of Cloudflare. “Cloudflare Orbit is already protecting more than 120 million IoT devices and provides a new approach to security that can scale to meet the needs of an increasingly networked world.”
With Orbit, IoT manufacturers can improve device and end-user security with:
- Real-Time Exploit Blocking: Utilizing Cloudflare’s firewall in the cloud, Orbit catches exploit attempts, including distributed denial of service (DDoS) attacks, as they happen, protecting devices that are still running vulnerable code.
- Secure & Authenticated Data Transfer: Orbit authenticates devices to determine that they actually belong to a user’s network and are not a malicious attacker trying to infiltrate the IoT infrastructure.
- Dedicated Private Network: Orbit locks down the traffic of IoT devices at the network level as if each device has its own VPN, or private network, that secures it from potential attacks.
Consumer IoT Devices Need a Better Solution
“Keeping our products and customers secure is our primary concern,” said Paul Gerhardt, co-founder of Lockitron. “Cloudflare provides an extra layer of security that allows us to keep our devices continually updated and ahead of any vulnerabilities.”
Industrial Control Manufacturers Need the Power of a Network
“This approach of adding security to the network is extremely important for industrial manufacturers,” said Sam Cece, CEO of Swift Sensors. “Being able to patch vulnerabilities from the network rather than at the device level is a major shift in the way we secure IoT devices, and one that is completely necessary.”
The Automotive Industry Needs Secure IoT to Keep Passengers and the Road Safer
“Car controllers are IoT devices. Karamba Security hardens these devices and prevents cyberattacks with zero false positives to maintain driver and passenger safety,” said Ami Dotan, CEO of Karamba Security. “We view Cloudflare’s Orbit as a complementary solution that enables secure connectivity between the cars’ hardened controllers and the car company’s data center for trusted, over-the-air updates.”
IoT Platforms Want to Augment their Security
“We are at the beginning of a new era in which a vast number of devices will be connecting to the Internet and security will play a critical role in the successful roll-out and adoption of IoT devices. Cloudflare’s Orbit adds another layer of defense that compliments other security measures such as strong hardware-based device security and helps ensure a safer Internet of Things.” Quinn Li, VP and global head of Qualcomm Ventures (the investment arm of Qualcomm Incorporated).
Industry Experts Agree with New Security Model
Michael Freedman, professor of computer science at Princeton University and CTO of Timescale, shared: “IoT devices create a distinct security challenge both because of the inability of most end users to update their software, as well as the cost that manufacturers bear if they release an update that bricks devices. This is even worse for legacy devices, many of which are effectively unpatchable. Cloudflare’s Orbit provides a unique approach to help with these challenges, by deploying a defensive layer in the network where security updates can be safely made without end-user intervention or on-device changes.”