Recently ARM revealed their new Platform Security Architecture which is a brilliant bottom-up model for securely loading systems in an IoT world. Many mobile device manufacturers, such as Samsung, are following a similar path. While these efforts are implementing very strong tools for secure IoT computing, they are all missing some key components such as policy-based management, central control, and remediation capabilities.
What is required is not just more of the same – tons of engineers using these tools to create disparate/half-baked security solutions – but a truly unified system. Management is required that can handle the scale of the IoT, and its disconnected nature, while working seamlessly across types of devices and communications. These foundational tools being provided are powerful but, unless a unified system is placed on top, they will only serve to exacerbate the security issues. Providing tools to the masses works well for applications but very poorly for security and the ability to cohesively control some of the most heterogeneous networks ever implemented.