enterprisesecuritymag

Mocana: Re-Envisioning a Smarter and Secure IoT Landscape

Follow Mocana on :

W. William Diotte, CEO, MocanaW. William Diotte, CEO Internet of Things (IoT) is gradually yet significantly creating a lasting impact in the enterprise and consumer arena by powering a varied portfolio of physical devices, everyday objects, software, and hardware. The growing penetration of the internet has created a world where all endpoints are inter-related and can be remotely monitored and managed. An amalgamation of several innovations over time, including analytics, machine learning, embedded systems, and sensors have been the driving force behind enabling IoT within legacy systems and spurring a smarter and more intelligent outlook toward daily lives.

The wave of IoT is sweeping far and wide over the entire embedded landscape. It is slowly becoming a predominant force in transforming connectivity. Every aspect of life, from the daily activities to the consumer marketplace is being enhancefd IoT, which has further altered the way we interact with the world around us.

In spite of its revolutionary approach, just like how any boon comes with drawbacks, the major disadvantage with the advent of IoT is the beaming concern with privacy and security parameters of devices because of its pervasive presence. With changing times, some have come to believe that IoT is nothing more than an intrusion of privacy. It is many times referred to as active surveillance and cyber threats agent as mundane life stands exposed to powerful organizations and government bodies that make us more vulnerable than secure. In light of the ever-increasing security threats through connected devices’ invading into the private and public space, creating a dark dungeon of privacy and safety issues for enterprises and consumers alike, Mocana’s inception in 2002 was like a beacon of hope to finally “set free” and enable interconnected IoT devices to function in a secure, safe, and trustworthy manner.

Mocana’s major influencing factor is the driving instinct of its CEO, Bill Diotte, who is extremely enthusiastic and passionate about collaborating with enterprises working toward presenting the world in a completely new and transformative perspective. With its extensive and compliant security solutions, Mocana has been successful in protecting more than 100 million devices.

Shortcomings with IoT Implementations

In spite of the great swell of IoT and connected devices, there has been an escalation both in terms of frequency and sophistication ransomware attacks, leading to heightened security risk and vulnerability. What becomes another setback in managing connected devices is they are deployed into critical infrastructure without taking into consideration their enrolment and updating. The existing IT networks and operational technology (OT) security measures fail to counter hacking and phishing activities that make cybersecurity a growing concern for enterprises and consumers. Alongside these fall-outs, the lack of interoperability of data, singular integration of connected devices, monitoring and tracking problems over a limited network coverage space also seem to pose a challenge to the connected devices ecosystems. The management of unstructured data in terms of volume, and variety, and to make the available data actionable and valuable also seems to be a behemoth task for most organizations. Data breaches bring along with it a great possibility of corporate reconnaissance that tends to threaten intellectual property.

An End-To-End Service Platform

The solution offerings of Mocana are mainly centered on its innovative services platform, Mocana TrustCenter.

The Mocana IoT Security Platform is the most comprehensive IoT security solution for industrial manufacturers that are concerned about cyber attacks on embedded systems, IoT devices, and industrial cloud systems

This system merges with one of the leading hardware and software solutions provider, PrimeKey, making it a pioneer end-to-end platform for cybersecurity management and certification, during all levels of development, manufacturing, onboarding and updating IoT ecosystems. This unique platform is equipped with a system to help manage security across connected and industrial control devices, in a comprehensive and compliant manner. What makes Mocana TrustCenter distinctive is its capability of deployment on-premise, on a private or public cloud, in an appliance, or a hybrid of them all.

Mocana’s engagement with Primekey’s offering EJBCA Enterprise, enables management of multiple tenants, in a single installation. It also empowers multiple stakeholders to manage authentication and encryption logically. Clients can receive significant advantages by onboarding TrustCenter, which allows for zero-touch device enrolment through automated security protocols. The company’s OpenSSL-compatibility interface is also helpful in enabling applications to perform cryptographic functions simplistically, using an easy set of APIs. Its trust abstraction layer permits easy integration with hardware and software-based secured elements and crypto-accelerators, along with a full-stack architecture and an efficient cryptographic engine that strengthens authentication, integrity, devices, gateways, and cloud applications to go above and beyond the conventional perimeter-based security approaches.

Mocana’s solutions are incredibly scalable and are accompanied by security automation that eliminates the need for operators to travel to remote locations to perform management tasks physically. The company’s enhanced security solutions and control measures help to improve asset visibility and policy enforcement by employing a singular security infrastructure for all the IoT use cases. Mocana’s unique set of solutions maintain the cybersecurity compliance and standards while ensuring a fully automated and managed IoT device security.

An Integrated Endpoint Solution

Another approach that Mocana offers is its comprehensive IoT endpoint security system, Mocana TrustPoint. The company’s tech-stack ensures safe device-to-cloud communication, through its endpoint protection software. With the both commercial and military application, it also helps to combat very complex cybersecurity issues. This offering is FIPS 140-2 Level-1 validated and is compliant with US NIST 800-63 AAL3, the highest level of authentication assurance. Alongside this, Mocana TrustPoint can be integrated into 70 chipsets and 30 RTOSes. The framework of this solution comprises of simple APIs that facilitates easier integration of hardware-based secure elements with embedded applications and strong security implementation. The system put into place by Mocana is both cost-effective and time-saving, along with being economical in the aspect of resources that are needed to operate and maintain essential security on IoT and ICS endpoints. This solution thus helps speed up development procedures along with being cost-effective for its clients.
It can be easily leveraged and integrated onto the legacy and greenfield devices of the clients and help optimize the operations and provide automated security on the entire device level.

A Holistic Approach to a Safe IoT Lifecycle

Mocana’s crypto engine is designed in a way to ensure it is easily optimizable with a tiny footprint of about 30 kb. This makes the solutions more adept in memory-constrained environments as well. The company’s software solutions are responsive in nature for high-work factor ciphers, hashes, and cryptographic functions. They mostly impact domains of aerospace, automotive, energy, healthcare, communication companies, oil and gas, and electricity. Most IoT devices companies need to ensure a great deal of compliance and maintenance of cybersecurity standards. The need to keep up with the ever-changing standards in the landscape from Industrial Internet Consortium (IIC) and Industry 4.0 is quite imposing for most enterprises. Added to this, several Industrial Internet of Things (IIoT) is devoid of cryptographic controls like multi-factor authentication, secure boot, update, and encrypted communications. When deployed into the existing infrastructure, Mocana’s offerings help provide a compliant methodology to instill a wholly reliable and safe IoT lifecycle, ranging from legacy devices to newer internet-connected mission-critical devices. The cybersecurity software development tools enable a simplified integration of defense-level security by complementing IT network and OT security technologies. This includes firewalls, IDS/IPS, and threat detection. The cybersecurity tools empower the endpoint devices and gateways to protect themselves using on-device cryptographic controls, to avoid the extensive range of activities involving hacking, cyber attacks, phishing, and physical intrusions of vulnerable devices.

"Mocana’s unique set of solutions maintain the cybersecurity compliance and standards while ensuring a fully automated and managed IoT device security"

Unleashing Mocana’s Potential for a Competitive Future

Mocana, with its over-reaching impact in various operational domains, is breaking new grounds in providing a one of its kind end-to-end platform for the maintenance and management of cybersecurity and certificates. Its compliant and comprehensive approach, along with more secure authentication and encryption help automate and simplify the management of the IoT security lifecycle. The company aims at providing a stronger and more secure infrastructure for both enterprises and consumers. As stated by Diotte, “We are seeing strong demand for Mocana’s TrustCenter, and we aim to deliver on our promise of providing protected cities, countries and families.” The company, with its new undertakings and projects, aims at revolutionizing new technical capabilities and significantly reducing the malicious cyber activity cost. They further wish to expand its customer base of large defense, industrial manufacturing, and IoT companies, along with incorporating visibility and analytics tools into its TrustCenter platform. It plans on utilizing its resources to bolster their sales, marketing, and customer support operations, alongside its global expansion.

With Mocana’s solutions already succeeding it strives to further explore into newer ways of securing IoT devices landscape along with helping customers achieve their manufacturing supply chain. Mocana partners as well as caters to some of the leading industrial mammoths including Bosch, Echelon, GE Digital, Harris, Honeywell, Infineon, Intel, Kyocera, Panasonic, Samsung, Schneider, Siemens, and Wind River. “The Mocana IoT Security Platform is the most comprehensive IoT security solution for industrial manufacturers that are concerned about cyber attacks on embedded systems, IoT devices, and industrial cloud systems,” concludes Diotte.
- Jennifer Nivedita Naskar
    May 08, 2019

Mocana News

Mocana Introduces Automated Security Lifecycle Management to Simplify and Scale IoT Security

San Francisco- Mocana Corporation, the leading provider of mission-critical IoT security solutions for industrial control systems and the Internet of Things, announced the launch of Mocana TrustCenter™, the industry’s first services platform that provides a comprehensive system to manage security across the lifecycle of IoT devices and industrial control systems (ICS). Developed for manufacturers and operators of IoT devices and industrial equipment, Mocana TrustCenter ensures supply chain integrity, offering full management of cybersecurity across the entire IoT device security lifecycle – embedded systems and software development, manufacturing, device enrollment, and secure firmware updates. The new services platform complements Mocana’s industry-leading TrustPoint™ IoT endpoint security software that protects more than 100 million devices today.

“Traditional IT and OT security approaches are not enough to defend against the sophisticated threats from hackers and state actors,” said William Diotte, CEO, Mocana. “With escalating cyber attacks on critical infrastructure and IoT, it’s imperative that industrial companies implement stronger controls in their automation and control equipment. Mocana TrustCenter and TrustPoint make it easier to implement strong security into devices by automating the lifecycle of cybersecurity for a device. We’re thrilled that Mocana TrustCenter has the support of major industry leaders such as Intel, Dell, and Verizon.”

Mocana’s TrustCenter automated services platform can be deployed on bare metal, private cloud, or public cloud Infrastructure-as-a-Service (IaaS) and ensures the trustworthiness of both the device and the data from end-to-end. Mocana TrustCenter’s automated approach reduces the time it takes to install secure credentials on a device from minutes to seconds. The platform automates secure device onboarding, enrollment and over-the-air (OTA) updates for IoT and ICS. Mission-critical systems used in aerospace, defense, industrial manufacturing, transportation, medical, and automotive will benefit from Mocana TrustCenter by automating the IoT security software integration process.

Mocana’s TrustCenter™ has been integrated with the Intel® Secure Device Onboard (Intel®SDO) service to reduce the time it takes to automate provisioning of secure credentials onto devices based on Intel® Enhanced Privacy ID (Intel® EPID) identity built into the silicon.

“The onboarding process for IoT devices will not scale without automation of the enrollment process that Intel SDO delivers combined with the built-in privacy model of Intel EPID. Mocana TrustCenter automated security integrated with Intel SDO dramatically reduces the onboarding and digital certificate provisioning time to drive scale,” said Lorie Wigle, VP Product Management, Platform Security Division, Intel.

Key benefits of Mocana’s IoT Trust Platform include:

• Supply Chain Integrity: Mocana’s IoT Trust Platform ensures that devices and data are trusted. Using strong cybersecurity controls on the endpoints and the Mocana TrustCenter services platform, customers are able to securely manage the enrollment and firmware update process across the entire ecosystem: silicon vendor, device manufacturer, integrator and operator/end user.

• Faster Development and Provisioning: Mocana’s TrustPoint endpoint software provides a full-stack architecture for protecting endpoints with FIPS 140-2 Level 1 validated cryptography for securing the boot process, authentication, device and data integrity and secure transport. It is pre-integrated with more than 70 chipsets and 30 real-time operating systems. Mocana’s easy-to-use APIs make it easy to integrate TrustPoint with embedded applications and hardware. The Mocana TrustCenter “zero touch” security services platform reduces onboarding and enrollment of devices by more than 90% to mere seconds per device.

• Lower Cost: Mocana’s end-to-end security lifecycle solution provides a system of cybersecurity for developers, OEMs, and device owners to reduce the time and resources to implement and manage security on IoT and ICS endpoints. Mocana TrustPoint’s proven embedded security software and development framework reduces the time and cost to build strong security into devices. Mocana TrustCenter automates device enrollment and secures the update process to enable billions of devices to be securely manufactured, activated and updated.

“Supply chain integrity is one of the most important challenges facing the industrial IoT,” said Ed Amoroso, CEO of TAG Cyber, LLC. “Mocana’s IoT Trust Platform is tackling this problem head on by automating device enrollment and security provisioning. With tools for both suppliers and OEMs, Mocana’s trust services will simplify enrollment and secure updates.”

“Ensuring the safety, security, and reliability of control systems is critical,” said Joe Weiss, Managing Partner of Applied Control Solutions, LLC. “Mocana’s IoT Trust Platform can simplify the implementation of security across modern control and safety systems.

Company
Mocana

Headquarters
San Francisco, CA

Management
W. William Diotte, CEO