IoT Initiative – Security: Things to Keep in Mind

by Shanthi Rajaram

In the mad rush organizations are making to take advantage of the vast potential and efficiencies that the Internet of Things provides, many organizations are forgetting about a crucial risk area: security. Hackers are well aware of this and know how to exploit your eagerness and vulnerability. Consider these alarming statistics:

Check Things Out Before You Hook Them Up

  • There will be more than 20 billion connected IoT devices by 2020.
  • 76% of risk professionals believe their IoT involvement will leave their organizations at risk.
  • The average time it takes for an IoT device to be connected to the Internet before it is attacked is 5 minutes.
IoT Initiative – Security: Things to Keep in Mind

*Source: www.securityboulevard.com

Be smart and be prepared!!

Here are some areas for which you should develop a strategy and to which you should devote resources as you commit to the Internet of Things:

SYSTEM-RELATED:

  • Invest in top-grade internet security software.
  • Set strict identification, authentication, and password integrity processes.
  • Ensure efficient data encryption is implemented.
  • Update to the latest versions of product/software for optimal performance and minimized vulnerabilities.
  • Deploy virtual private network to send and receive data across shared or public networks.
  • Educate frequently and educate all. You are only as strong as your weakest link.
  • Always have an up-to-date risk mitigation and recovery plan in place.

DEVICE-RELATED:

  • Stick to dependable, well-tested security certified brands.
  • Choose a flexible and scalable management platform that will support a broad range of IoT devices.
  • Ensure device capabilities and functionalities are understood and configured appropriately.
  • Audit, retire, and delink unused or out-of-date IoT devices in a timely manner.

Continue to review this list and update it on a regular basis to keep up with the ever-changing technology landscape and emerging information security threats.