The data revolution in agriculture brings about a whole new world of opportunities. Managing inputs effectively, knowing when to irrigate, and keeping tabs on equipment from afar are all profit-boosting opportunities. But precision agriculture also brings security concerns. A 2018 Report from Inmarsat Research looked at the concerns of Industrial Internet of Things (IIOT) users, including agriculture. The report found that “98% [of ag industry respondents] have IIoT security concerns of some sort.” Thankfully, there are specific aspects you can consider to increase data security. To keep your agriculture data secure, make sure you ask the following questions.
Am I Using Dual Encryption?
Without any encryption, bad actors can intercept data packets, stealing them without you even knowing. But even single-layer encryption — encrypting the data over the air, and then decrypting it once it reaches a base station — has risks. For example, if your base station is stolen, all the unsecured data can be taken with it.
That’s why, on RealmFive devices, your valuable data is securely encrypted between all your devices and in the cloud. You and only you have access to your data. Even if someone were to physically steal your devices, they can’t decrypt the data on-board.
R5 Cloud uses multilayer encryption — on both the application and the network levels — to protect your data from threats. All of your data is encrypted at rest, and a network key is required for access.
Is My API Key Safe?
If you’re using an API to bring data into your own system, you will often be issued an API key. Your API Key to access your specific data is unique to you. But just like updating your password periodically, it’s good practice to revoke your key and get a new one every so often. Has someone with access to the API framework recently left your organization? Revoke your key and get a new one. You can do this yourself whenever you’d like to through RealmFive’s API portal.
Are My Devices’ Firmware Up-to-date?
Vendors will frequently issue new device updates. These updates can include adding features, fixing bugs, and updating firmware to keep the system protected from bad actors. Check the device manufacturer’s website frequently for firmware updates. This doesn’t necessarily mean a trip out to the site to update the device: you can push remote, over-the-air firmware updates to RealmFive devices from anywhere in the world.
Who Has Access to What Data?
The Department of Homeland Security listed several “critical security controls” in their 2018 report, Threats to Precision Agriculture, including:
- Controlled use of administrative privileges
- Data recovery capability
- Data protection
- Controlled access based on the need to know
- Account monitoring and control
Many of these critical security controls, including the ones listed here, depend on the precision ag service provider you choose. For example, in R5 Click, the Organization Admin manages access privileges for users across their operation. This gives the company more visibility and control over who can see what data. For instance, you can give your service team device health data only and give your growers sensor readings only.
Threats to precision agriculture operations are real, but there are steps you can take to combat them. When choosing a precision ag vendor, it’s important to evaluate their security design. Take a few minutes to answer these questions for your own system:
- Is your data encrypted over-the-air?
- When was the last time you changed your API key?
- Are all of your devices’ firmware up-to-date?
- Does your software let you control access to specific users?