Cumulocity IoT Feedback Portal
If the platform gets compromised, right now the only way to stop devices from communicating is to temporarily disable device communications and then re-enable when the compromise is resolved.
That can take time with a large fleet - during which those devices are exposed to a compromised platform. That is frightening from the Security perspective.
A preferable solution would be to have a REST endpoint to be something like "communications status" and disable or enable be the default. then, if there's a compromise or other emergency, we could call the endpoint, stop communications instantly, and leave it until the issue is solved and then re-call the endpoint to re-enable communicaitons
It is about device connections. Especially in our use case where we distribute operations and software to fielded devices, we need to ensure that a compromised management infrastructure isn't capable of distributing undesired software or operations to our devices.
Users in this case aren't that important since they wouldn't be affected. I suspect that in the event of compromise being detected, SwAG's staff will be very busy dealing with the issue (I suspect) and all these requests would be more to do.
Hi Dave,
I have added this to the agenda for our meeting on 23rd October. we need to understand the context, in other words is it the device connections, what about the device users? The platform can be disabled in its entirety by the Management Tenant (aka The Operations Team), this cannot be given to a tenant administrator.
Look forward to speaking with you.
Regards, Jane.
Hi Dave,
thank you for submitting this suggestion, I will discuss with Saran and get back to you.
Regards, Jane.