DDoS attacks continue to dominate the cybersecurity agenda. 2021 saw the largest number of attacks ever launched, with Australia the third most targeted country in application DDoS attacks. Microsoft\u2019s Azure platform alone stopped an average of almost 2,000 attacks per day and the notorious Apache log4j DOS threat was ongoing as recently as December 2021.\n\nThe IoT is no less impervious to attack than traditional websites and web services, including cloud-based storage and application layers. Specialist end-to-end IoT providers invest heavily in hardening their networking solution to defend and secure systems from DDoS attacks across their modular architecture.\n\nA complete solution for preventing successful DDoS attacks\n\nFour key components keep your IoT systems safe against DDoS:\n\n1. Sensors\n\nPhysical security is more than a strong box. The printed circuit board (PCB) and cabling are encased in damage and tamper-proof housing. The data is protected even if someone could get to the hardware with the storage media using encryption and self-signed certificates for user verification. The PCB hardware should be certified as the highest quality available to ensure seamless interoperability and continuity of service.\n\nIoT security starts with the hardware \u2013 your IoT provider is likely to work with off-the-shelf and bespoke products.\n\nThe sensor software, or firmware, also needs top level security - that data is your intellectual property. Moving it securely from the sensor to the gateway employs various levels of security verifications and protocols.\n\n\n\n2. Network Gateway\n\nOnce your sensors are in hand, your IoT specialist installation team ensures networks are meticulously planned for seamless, reliable function. This includes:\n\nThe network gateway connects the sensor to the cloud \u2013 a data centre that\u2019s reached through the public internet and a key entry point for malicious intent. Check your IoT provider uses the MQTT protocol for a cleartext exchange of information to verify the information packets.\n\n3. Data processing\n\nData centre tenancy is shared by multiple hundreds of users. This demands firewalls and other network-based architecture to ensure privacy and security between tenants.\n\nSeveral layers of security are highly recommended. While some layers are implemented and assured by the server host (think Azure or AWS) other cybersecurity layers are implemented by data owners.\n\n4. Application Layer\n\nOnce the data centre has dealt with security, analytics, storage and computing \u2013 and pushed the model back to the edge node \u2013 data and reporting are available through your IoT user app.\n\nWe\u2019re all familiar with application-based security, like multi-factor authentication. Other common security measures are allow listing (allowing certain IP addresses access) and deny listing (refusing access to certain IP addresses). Web application firewalls (WAF) are another way of filtering application level requests \u2013 often the first port of call for DDoS attackers who might mimic a certain URL or IP address.\n\nIf your system is breached or affected by a DDoS, there are ways to mitigate the effect. Look for a provider who uses replication services so that, for example, if a server in Sydney is down, the Perth server takes over.\n\nMultiple data centres also work together to load balance. Where a DDoS attack literally floods a site or service with false requests, threatening loss of service, load balancing kicks in to \u2018absorb\u2019 the attack while ensuring continuity of real service.\n\nNeed help keeping your IoT deployments safe and secure? Learn more about end-to-end managed services for IoT.\n\nWhat\u2019s under the hood of Australia\u2019s most secure enterprise IoT network?\n\n365mesh offers end-to-end IoT solutions \u2013 from design and install of physical sensors and devices, through network and deployment, data processing and an application that delivers visibility and task automation. The glue that holds it all together? Edge computing.\n\nOutcomex, owner and creator of the 365mesh platform is a Cisco Gold Integrator and IoT Specialised. Our team of CCIEs are experts in networking and connectivity. Outcomex is a two-time award winner of Cisco\u2019s Global Partner Innovation Challenge for cutting-edge IoT industry solutions. Contact the 365mesh team to get started with Cisco hardware for your IoT deployment.