Security and Connectivity for the IoT Edge

+1 978-264-6600


IoT Edge Device Security

Home / IoT Edge Security Introduction / IoT Securing IoT Data at Rest

Securing IoT Data at Rest

IoT devices capture and store data, and this data is often of a sensitive nature. For example, a connected hospital bed stores patient information that is highly personal and confidential.

Data that is produced and subsequently stored by IoT devices is referred to as data-at-rest, and it is often assumed these devices are secure even though that may not be the case.

It is critical that data-at-rest be stored safely, and measures such as encryption are used so it cannot be accessed or viewed by unauthorized personnel.

There are many regulatory standards, such as HIPAA and HITECH in the medical industry, to ensure that data, in particular personal data, is protected.

Data must be safe throughout the lifecycle of the device. In the middle of life stage, an IoT device might be deployed, then called back for service, and then it may be reassigned and deployed again. In this cycle, the device has valuable data after it is deployed and this needs to be inaccessible when it is being serviced. Once the device is reassigned, the data needs to be written over in some shape or form.  


Using Self Encrypted Drives to Secure Data at Rest

A Self Encrypting Drive (SED) is a disk drive that takes a 1 size fits all approach. While a SED does encrypt and store the data, it is difficult to manage at scale and not commonly used within embedded IoT systems.

All the data on a SED is secured by a single key – which means individual files or directories cannot be secured with their own unique keys. There is only one key to the kingdom.  


Allegro’s Solution for Securing IoT Data at Rest

A more practical and flexible approach is to use technology that allows for root directories, sub-directories and individual files to be encrypted and protected with their own keys.

Allegro’s ACE™ technology has a file extension that works with a device’s file management system and has layer encryption. This allows for hard drives to be encrypted in their entirety, by sub-directories, or individual drives. The drive can have a key and there can also be multiple keys for sub-directories and individual files. This is more granular than using one key to encrypt the entire device, and makes data-at-rest storage simpler and more flexible while maintaining security and integrity.

Allegro’s out of the box RomPager® or RomWebClient™ software allows for securing IoT data-at-rest with FIPS validated cryptography.

Let’s Talk IoT Security

Implementing IoT device security can be a challenge. Let us help you by sharing our proven framework for integrating a proactive security approach into your design. Click the button below to schedule a one-on-one web conference to discuss your security needs.