
IoT Security: Put a Ghost in the Cloud

October 12, 2017

Some might say we are in the era of the Internet of Things (IoT); we say it’s more the era of the “Internets of Things” (IsoT). The Internets of Things requires many networks and many layers of devices to function, but once hardware and software are virtualized they become part of the fabric of shared resources connected with the public internet.

According to a Gartner report about IoT Technologies for 2017 and 2018, “A recurring theme in the IoT space is the immaturity of technologies and services and of the vendors providing them. Architecting for this immaturity and managing the risk it creates will be a key challenge for organizations exploiting the IoT.”

Enterprises using the IsoT are ultimately responsible for the security of their applications in any virtualized environment. Because the “Internets of Things” is still immature, it’s not secure to let “Thing A” talk directly to “Thing B” and also have the ability to perform an action.

Put Ghosts in the Cloud

How can enterprises handle IsoT security? For every device or enterprise application that is ‘real’ there should be a ghost or doppelgänger in the cloud. By doing this, people can more directly manage the cloud version of their “Things.” In other words, users need to set up a “doppelgänger node” or a “state model” to securely connect each “Thing” in the cloud.

For the enterprise, a ghost “doppelgänger model” setup creates an exact replica, or a proxy, of Thing A in the cloud. With some traffic analysis to make sure the right kind of traffic is going between them, Thing A’s and Thing B’s proxies can talk only to the doppelgänger version in the cloud, not directly to the real Thing A, making it more secure.

This approach delivers the following benefits:

  • A mirrored doppelgänger model keeps enterprise assets safe by creating a hub and spoke connection between the real Thing A and its proxy.
  • A mirrored doppelgänger model also provides a secure way to control traffic between devices.
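
The hub-and-spoke arrangement described above can be sketched in a few lines of Python. This is an added example, not code from the article or from any product; the class and method names, the device IDs and the `setpoint_c` state key are all assumptions made for illustration, and the device-ID comparison stands in for real device authentication.

```python
class PolicyError(Exception):
    """Traffic that the doppelgänger's policy does not allow."""

class Doppelganger:
    """Cloud-side state model of one real device (the hub of hub-and-spoke)."""

    def __init__(self, device_id, schema, allowed_peers):
        self.device_id = device_id
        self.schema = schema                  # state key -> validator for its value
        self.allowed_peers = set(allowed_peers)
        self.reported = {}                    # last state the real device reported
        self.desired = {}                     # changes peers asked for
        self.audit = []                       # (peer, key, verdict) per request

    def request(self, peer, key, value):
        """A peer asks for a change; only the ghost's desired state is written."""
        if peer not in self.allowed_peers:
            verdict = "unknown peer"
        elif key not in self.schema:
            verdict = "key not in state model"
        elif not self.schema[key](value):
            verdict = "value out of range"
        else:
            verdict = "accepted"
        self.audit.append((peer, key, verdict))
        if verdict != "accepted":
            raise PolicyError(f"{peer} -> {self.device_id}.{key}: {verdict}")
        self.desired[key] = value

    def device_sync(self, device_id, reported):
        """Spoke: the real device reports its state and pulls pending changes."""
        if device_id != self.device_id:       # stand-in for real device authentication
            raise PolicyError("sync from a device that does not own this ghost")
        self.reported.update(reported)
        return {k: v for k, v in self.desired.items() if self.reported.get(k) != v}

def demo():
    """Constructed scenario: thing-b may adjust thing-a's setpoint, nothing else."""
    ghost = Doppelganger("thing-a", {"setpoint_c": lambda v: type(v) is int and 5 <= v <= 30},
                         allowed_peers={"thing-b"})
    ghost.device_sync("thing-a", {"setpoint_c": 20})
    ghost.request("thing-b", "setpoint_c", 22)
    for peer, key, value in [("thing-b", "setpoint_c", 90), ("thing-c", "setpoint_c", 21),
                             ("thing-b", "firmware_url", "http://example.invalid/fw")]:
        try:
            ghost.request(peer, key, value)
        except PolicyError:
            pass
    return ghost.device_sync("thing-a", {"setpoint_c": 20}), [v for _, _, v in ghost.audit]
```

Peers never hold a connection to the real device: they write to the ghost, the ghost filters and records the request, and the device pulls only the vetted difference on its own sync.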

With so many devices connecting to a network 24×7, hackers have a greenfield of opportunity to breach the enterprise and move from application to application to gain access to all resources on the network.

As if we needed more proof, the massive Mirai-based DDoS attack on October 21st, 2016 took down much of the internet. The attack targeted the Domain Name System (DNS) infrastructure provider Dyn, effectively taking the legs out from under many internet services. The Mirai attacks are a signal that in the world of devices and Things, there is a legitimate need for security as well as an understanding of how IoT devices connect via networks.

Enterprises want to take back “attestable control” in hyper-connected environments, with enterprise resources spread across providers, regions, and technologies.

Securing and controlling multiple networks with proxies in between can prevent IoT security disasters. Instead of putting a variety of devices on a network, ghost nodes connect them and force devices and applications to operate independently.

All organizations using the cloud need connectivity that can quickly adapt to the shifting market landscape. The ghost or doppelgänger model is the future of security for the IsoT.


Patrick Kerpan is a co-founder and CEO of Cohesive Networks and is responsible for directing product, technology and sales strategy. Previously, he was the CTO of Borland Software Corp., which he joined through the acquisition of Bedouin, Inc., a company he founded.