Domorela's Blog: Security by Design: Decision-making
In the previous article we talked about security considerations giving examples of two security measures taken in the design of Domorela. We want to remark in this article that from the very begining we have taken security into account. That is, we started the decision-making process with security in mind and we think it would be applied on the design of every project in which Domorela is present.
Security measures it's not just the ones related with hardware and software, we must also include the ones related with the operation of the service implemented by the hardware and software resources we use. Thus, due to security reasons, we decided to offer the possibility of implementing both on premise and cloud based solutions using Domorela. Obviously, on premise solution implied that Domorela should be a hardware appliance, while cloud based solution implied that Domorela should be an IoT platform. Thus Domorela is an IoT hardware appliance that serves to implement an Intranet of Things.
Which of the above two options is the best from the security point of view? Well, there is no definitive answer because it depends on several factors like the distribution and size of the facilities where automation systems are being used, the critical nature of the service, the physical security measures that can be taken in the facilities, the security knowledge of the internal staff, the budget, etc.
As they are part of the real world, IT environments aren't so simple to say the same solution is applicable in all the cases. We should adopt one or another, even a mix between them, depending on the characteristics of the project we are facing. Thus we conceived Domorela to be used on premise, to be managed locally or remotely in a sort of mixed solution, or as an edge gateway of a cloud service.
The key point in IT security is to offer the minimum attack surface to the possible threat vectors not forgetting to also include preventive measures for the ones not yet known. So decision-making in the design of Domorela included security considerations in each step. This doesn't mean that any project plan including Domorela can be done without taking into account IT security because the job was done previously. All projects must be designed and implemented thinking in IT security and Domorela is an excellent tool to achieve this.
Our next article will talk about secure components included in Domorela.