5 Key Insights for Designing, Securing & Implementing IoT

ProgrammingSecurity
Written By Elizabeth Rosalijos

Posted by Tim Matteson

Originally Posted by: Mimi Spier

The Internet of Things (IoT) is here to stay—and rapidly evolving. As we try to make sense of IoT’s impact on our lives and businesses, we also continue grappling with the security challenges.

As the IoT security landscape evolves, here are five key insights for designing and implementing IoT deployments for your enterprise.

1. Protect Your People

IoT has opened up a world of possibilities in business, but it has also opened up a host of ways to potentially harm employees and customers. A security breach is not limited to stealing credit card data, anymore. Anyone with the right access could breach firewalls or steal health records. A key challenge of the IoT world is providing the right access to the right people at the right time.

[Related: 5 Real Ways to Enable IoT Success in Your Enterprise]

2. Watch Your Things

As millions of “things” start joining the enterprise network, it also expands the surface area for hackers to breach your system. All these devices will be leveraging public Wi-Fi, cloud, Bluetooth networks, etc., which will create multiple points of vulnerabilities. Your system needs to be designed for security from the bottom up to account for:

A) Device level: better quality devices

B) Data level: encryption and cryptology

C) Network level: certificates and firewalls

D) Application level: login/authorized access

3. Poor Quality of Things

The standards for IoT hardware and software are still evolving, which means until we have any established guidelines, we need to account for a vast range in the quality of “things.” Some of these may be very sophisticated and hardy, while others may be of the cheap disposable variety. Which devices you pick may depend upon factors like cost, usage and the use case itself. However, be warned that lower-quality devices have been used to gain entry to a secure network.

“By 2020, more than 25% of identified attacks in enterprises will involve the Internet of Things (IoT), although the IoT will account for less than 10% of the IT security budget.” Gartner

4. Is Your Network Ready?

One of the biggest challenge for any IT department implementing company-wide IoT projects will be assessing and managing bandwidth. As millions of devices join your network at increasing rates, scaling your network’s bandwidth will be an ongoing struggle. Your bandwidth needs must remain elastic, so you can support your enterprise needs, while minimizing costs. It is critical to minimize exposure of your networks by using, for example, micro-segmentation.

5. Data Is Your Friend

As with protecting any system, predictive maintenance is the way to stay a step ahead of breaches. The usual ways of pushing out timely security patches and software upgrades will continue to be helpful. However, one big advantage of IoT is the sheer amount of data it generates. You can track operational data to create alerts based on anomalies in the system. For example, if someone logs into the system from Atlanta and then, 30 minutes later, logs in again from Palo Alto, the system should raise a red flag.

You can view the original post by clicking Here.

Elizabeth Rosalijos
Previous

Infographic: Medical Device Security

Next

Relief or Haunting? The Gaping Challenge about Smart Home Security