Data in transit
Data moving between devices is known as data in transit. While in motion it is exposed to attackers who try to intercept it, whether on the local network, over the internet or at an intermediate server. As with data at rest, the mitigation is encryption, and for device-to-device traffic specifically ‘end-to-end encryption’. In such a system only the parties that need to use the data (the sender and the recipient) hold the keys. Any server that relays the data handles only ciphertext and cannot read it, even if that server is itself compromised.
It is worth being precise about which keys are involved. A single long-lived symmetric key shared by a whole fleet of devices is a single point of failure: extracting it from one device exposes the traffic of every device that uses it. The safer pattern combines asymmetric cryptography with per-session keys. Each session starts with a key agreement (for example Diffie-Hellman over an elliptic curve) in which each device contributes a freshly generated public value and both derive the same session key without ever transmitting it. The devices therefore do not need to share a secret in advance, and the key protecting one session is of no use for decrypting any other. Long-term asymmetric keys are then used only to authenticate who the session is with, which is the subject of data authenticity below.
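The per-session key agreement described above, written out as an added Go example; it is not code from the original article or from any device vendor. It assumes X25519 for the agreement and AES-256-GCM for the session, the reading and header are constructed, and the one-step HMAC-SHA256 key derivation with its made-up label is a stand-in for a proper HKDF.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Endpoint is one party (device or workstation) holding an ephemeral X25519 key pair.
type Endpoint struct{ priv *ecdh.PrivateKey }

func NewEndpoint() (*Endpoint, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Endpoint{priv: priv}, nil
}

// PublicBytes is the only value an endpoint sends across the untrusted relay.
func (e *Endpoint) PublicBytes() []byte { return e.priv.PublicKey().Bytes() }

// SessionKey derives a 32-byte AES-256 key from the X25519 shared secret with one
// HMAC-SHA256 step keyed by a fixed label (an HKDF-extract stand-in; label made up).
func (e *Endpoint) SessionKey(peerPub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	shared, err := e.priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	k := hmac.New(sha256.New, []byte("device-transport-v1 aes-256-gcm key"))
	k.Write(shared)
	return k.Sum(nil), nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal: AES-256-GCM with a random nonce prepended; aad is authenticated but sent in clear.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, gcm.Seal(nil, nonce, plaintext, aad)...), nil
}

// Open reverses Seal and fails on any change to the nonce, ciphertext or aad.
func Open(key, msg, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(msg) < ns+gcm.Overhead() {
		return nil, errors.New("message too short")
	}
	return gcm.Open(nil, msg[:ns], msg[ns:], aad)
}

// RunSession: one exchange through the relay, which sees only public keys and ciphertext.
func RunSession(reading []byte) ([]byte, error) {
	device, err1 := NewEndpoint()
	station, err2 := NewEndpoint()
	if err := errors.Join(err1, err2); err != nil {
		return nil, err
	}
	kDev, err1 := device.SessionKey(station.PublicBytes())
	kSta, err2 := station.SessionKey(device.PublicBytes())
	if err := errors.Join(err1, err2); err != nil {
		return nil, err
	}
	aad := []byte("msg-type=reading") // constructed header, authenticated only
	msg, err := Seal(kDev, reading, aad)
	if err != nil {
		return nil, err
	}
	return Open(kSta, msg, aad)
}

func main() {
	out, err := RunSession([]byte("patient 0042: heart rate 71 bpm"))
	fmt.Println(string(out), err)
}
```

Because both key pairs are generated for the session and discarded afterwards, a later theft of either device does not decrypt recorded traffic. What this exchange does not do is prove who the other party is; an attacker in the middle could run the agreement with each side separately. That gap is closed by authenticating the public values with long-term keys or certificates, as in the next section.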
Data authenticity
Attackers can also cause harm by tampering with data while it is in transit, typically through a ‘man in the middle’ attack that intercepts traffic and modifies it before forwarding it. Data can also be corrupted accidentally, for example by electromagnetic interference on a wireless link, and either way corrupted data can do significant damage: incorrect patient records, or, in the context of your medical device, incorrect instructions to remote modules. Accidental corruption is caught by a checksum or a plain hash such as SHA-256 sent alongside the data, but a hash alone is not enough against an attacker, who can simply recompute it over the modified data. Detecting deliberate modification needs a keyed integrity check: a message authentication code (for example HMAC-SHA256 under a key shared by the two parties) or a digital signature made with the sender’s private key. The receiving device recomputes the tag over the bytes it actually received, or verifies the signature with the sender’s public key, and if the check fails the data is rejected rather than acted on. Tags should be compared in constant time so the comparison itself does not leak information, and an authenticated encryption mode such as AES-GCM provides this check together with confidentiality.
The second part of authentication is confirming that the source of the data is valid, not just the data itself. Server and device certificates are crucial here: a certificate binds a public key to an identity and is signed by a certificate authority the device trusts, so the device can confirm it is communicating with the correct host before anything sensitive is exchanged. Once an authenticated, encrypted session has been established, application-level authentication data such as user credentials or device tokens can be exchanged over it. The check must be a real one: a client that accepts any certificate, or skips hostname validation, gains nothing from the encryption against a man in the middle.
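The difference between a plain hash, a keyed tag and a signature from the two paragraphs above, as an added Go example that is not from the original article or from any device vendor. The instruction format, the shared key, the attacker’s rewrite and the sender’s Ed25519 identity are all constructed for this illustration; certificate handling is not shown, and the Ed25519 public key stands in for the key a validated certificate would supply for the source check.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Instruction is a constructed command to a remote module, sent as 8 bytes
// big-endian: patient ID then dose in micrograms.
type Instruction struct {
	PatientID uint32
	DoseMcg   uint32
}

func (i Instruction) Bytes() []byte {
	buf := make([]byte, 8)
	binary.BigEndian.PutUint32(buf[0:4], i.PatientID)
	binary.BigEndian.PutUint32(buf[4:8], i.DoseMcg)
	return buf
}

func ParseInstruction(b []byte) (Instruction, bool) {
	if len(b) != 8 {
		return Instruction{}, false
	}
	return Instruction{binary.BigEndian.Uint32(b[0:4]), binary.BigEndian.Uint32(b[4:8])}, true
}

// Digest is an unkeyed SHA-256: catches line noise, but anyone who rewrites the data can recompute it.
func Digest(data []byte) []byte { h := sha256.Sum256(data); return h[:] }

func DigestMatches(data, digest []byte) bool { return bytes.Equal(Digest(data), digest) }

// Tag is HMAC-SHA256 under a key known only to sender and receiver, so altered
// data cannot be given a valid tag without the key.
func Tag(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

// TagMatches compares in constant time via hmac.Equal.
func TagMatches(key, data, tag []byte) bool { return hmac.Equal(Tag(key, data), tag) }

// NewSenderKeys makes the sender's long-term Ed25519 identity; only the public
// half is provisioned to the receiving device.
func NewSenderKeys() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

func Sign(priv ed25519.PrivateKey, data []byte) []byte { return ed25519.Sign(priv, data) }

func SignatureValid(pub ed25519.PublicKey, data, sig []byte) bool {
	return len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, data, sig)
}

// MITM models an attacker on the path: rewrite the dose and, since SHA-256 needs no
// secret, compute a fresh digest for the altered bytes. Tag and signature are forwarded as-is.
func MITM(data []byte, newDose uint32) (altered, forgedDigest []byte) {
	ins, ok := ParseInstruction(data)
	if !ok {
		return data, Digest(data)
	}
	ins.DoseMcg = newDose
	altered = ins.Bytes()
	return altered, Digest(altered)
}

// Accept is the receiver's check: the tag over the bytes actually received and
// the sender's signature must both verify before the instruction is parsed.
func Accept(key []byte, pub ed25519.PublicKey, data, tag, sig []byte) (Instruction, error) {
	if !TagMatches(key, data, tag) {
		return Instruction{}, errors.New("integrity tag mismatch: data modified or wrong key")
	}
	if !SignatureValid(pub, data, sig) {
		return Instruction{}, errors.New("bad signature: not from the expected sender")
	}
	ins, ok := ParseInstruction(data)
	if !ok {
		return Instruction{}, errors.New("malformed instruction")
	}
	return ins, nil
}

func main() {
	key := []byte("constructed 32-byte shared key!!") // constructed, not a real key
	pub, priv, _ := NewSenderKeys()
	data := Instruction{PatientID: 42, DoseMcg: 250}.Bytes()
	altered, forged := MITM(data, 2500)
	_, err := Accept(key, pub, altered, Tag(key, data), Sign(priv, data))
	fmt.Println("plain hash fooled:", DigestMatches(altered, forged), "| keyed checks:", err)
}
```

Showing both a MAC and a signature side by side is for contrast; a real design picks one according to its key model. A MAC is cheaper but needs the same secret on both ends, so a receiver that holds it could forge instructions too. A signature lets many devices verify with a public key they can obtain from a certificate, which is the property the certificate-based host check above relies on, and in a TLS connection that verification happens during the handshake rather than per message.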
One of the easiest ways for attackers to reach data stored on a device is simply to gain physical access to it. Passwords are the common way of securing computer systems and similar devices, but they become a point of entry if attackers can find or guess them. As with any IT security measure, reusing the same password across an entire system is unwise: one recovered password then opens every device in the ecosystem. Devices need a password for initial configuration, and that initial password should be unique to each unit rather than a shared factory default, and should be changed at first use. An adequate password policy mitigates this risk: each user and each device has its own password, access to data is restricted to those who need it, and passwords can be updated after launch, since a credential that cannot be rotated cannot be revoked once it has been exposed.