The Internet of Things (IoT) is a marvelous idea, conceptually. All our personal and work devices talking to each other to enhance data collection and exchange, to improve how they respond to our needs and make our lives more streamlined and more efficient. Companies are looking for any way they can get their new product to wirelessly sync into a network but, they aren’t taking all the safety precautions you’d hope. Here are 8 Tips from ITToolbox on how to make sure your valuable company data is as safe as it can be.
1. Get a Vulnerability Report from the Vendor
Do your research before investing in any IoT device, and make sure that security is on the checklist of questions to ask vendors.
Request vulnerability scan results for the device and web application (if the device has one), and a vulnerability report as a part of the acquisition process.
2. Make Security Patches Part of the SLA
Security vulnerabilities will happen. That is hard to fully prevent. If your business is relying on these devices, however, make sure that your vendor includes security patches as part of their service level agreement. Make sure that critical patches will be developed and applied as soon as vulnerabilities are discovered.
3. Know Where Your Data Goes
IoT devices transmit data. That is what they do. Make sure that you know where the data from these devices is going and how it is stored.
If the device is transmitted only to your firm’s cloud infrastructure, the data trail is easy. If vendors and third-parties receive all or part of the data, however, you must make sure that this data is both transmitted and stored securely in a way that minimizes data security breaches. Always pay attention to the places your data goes.
4. Choose IoT with Remote Firmware Upgrades
Keeping devices secure over time is hard, especially if there is no way to upgrade firmware remotely. Any IoT device that can’t have its software hardened after it is deployed in the field is a huge security risk. Avoid such IoT like the plague.
5. Always Use Role-Based Network Access
Segmenting IoT devices on the network and establishing tight role-based access can go a long way toward reducing security risks.
The chances of a vulnerability being exploited are much lower when strict role-based access is established, since the risk surface of the devices is lower.
6. Encrypt IoT Traffic during Transit
What’s the best way to protect IoT device security?
“End to end data encryption,” stresses Raman Sapra, the vice president and global leader for Dell Digital Business Services.
This means not only securing IoT data at the data center level, but also transmitting it securely with encryption during transit.
As fundamental as this sounds, many IoT devices don’t force encryption during transit. Make sure your IoT devices work with this security practice.
7. Change Default Passwords
IoT devices frequently are insecure by default because they ship with standard default passwords that are easy for hackers to uncover. Don’t accept the default security posture of any IoT device.
8. Stay Vigilant Through Constant Monitoring
As we’ve noted, it is hard or impossible to guarantee perfect security with any device. Even when the above habits are in force, it still pays to keep watch of suspicious network activity and developing security threats around your IoT devices.
If data security is important to you, and it should be, contact the experts at Great Lakes Computer to learn more about monitoring services.