How did you work with the customer to secure these flaws?
Brian Blanchard: So we implemented a two-part IoT Suite security model, where every device had an encrypted key and was provisioned before it went to the field. And then there was another key inside of the web servers to receive the data. The two keys had to coincide, and match up with a registry that showed what devices were talking to which server. And if devices without the appropriate key ever spoke, it was flagged and reported as potentially false data. We wanted to make sure there was no one possibly stealing data, or misrepresenting or re-routing it. So those were two really big security gaps we were able to fill in with the IoT Suite and the device registration component to that.
