Light Dark
June 5, 2017 By Scott Koegler 3 min read
Endpoint
Network

As your Internet of Things (IoT) device population grows, managing it becomes increasingly difficult. More devices means more potentially vulnerable endpoints, more identities to verify and more software to keep up to date.

Four Keys to Effective IoT Population Management

To effectively manage your IoT population, it’s important to know your users, devices and their functions, and understand how they connect to each other and your network. Build security into your management strategy by considering these four areas of concern.

1. Authentication

The beauty of IoT devices is their simplicity: They’re designed to be unboxed and plugged in. Once connected to your network, the unit authenticates itself to its manufacturer’s site, where it announces its presence and asks for any updates that may be available. Once that’s done, the device does whatever it is designed to do.

Authentication is only part of the provisioning process that adds the device as a known entity on your network. But because setup is so simple, many IoT devices are connected without this standard part of validation and configuration protocols for network connected devices. Network intruders know they can find vulnerable access points in unvetted IoT devices and have already used seemingly benign items such as security cameras to invade enterprise networks.

Chief information security officers (CISOs) must perform network scans to detect all IoT products in their domain and take measures to validate and secure them.

2. Absolute Control

IoT products are often installed in remote locations, mobile environments and places that are just difficult to get to. A connection to the network is generally made via cellular services, which enable remote configuration and management so that updates and changes can be done as needed.

Make certain that the control functions include methods to update firmware, roll back configuration changes to previously known good states, and complete data and credential wipes so that units can be decommissioned easily prior to physical retrieval when necessary.

3. Status Checks

IoT populations can grow to thousands of devices spread across wide areas. When all is working well, there’s no action to take, but there can still be processing anomalies that don’t rise to the level of failure and aren’t reported as problems. Even so, small performance variables can cause issues that ripple across your network. Just a few nodes operating below standards can create problems that result in low customer satisfaction.

Ensure that the developers of your IoT devices have built in functions to deliver performance metrics and periodically send system logs for analysis. The most proactive suppliers will not only deliver those data sets, but also provide the necessary analytics and send alerts.

4. Keeping Software Up to Date

Updating the software that makes IoT products smart is a fact of life. No software is ever complete, particularly if you are deploying relatively new products. For devices that you develop within your own network, assume that the code is incomplete and that there are security flaws, even if you’ve gone to exceptional lengths to test and validate them.

At some point along the way, you will need to perform updates on various software components ranging from bootloaders to the main application. Build the update processes into your plans, consider how and where the devices are used, plan for the least convenient problems to happen and build your plan to recover from those problems.

If you deploy commercial devices, work with the supplier to ensure that all the safeguards and update protocols you would design into your own implementations are available and functioning in the units you purchase. The manufacturer may be responsible for their products, but they live on your network and connect to your enterprise, so the intrusions will ultimately land at your doorstep. Make sure you have the tools in place to maintain your own security.

A New Security Challenge

The IoT is a current reality of enterprise technology, but security is and will always be a challenge as thousands of intelligent nodes are added to distributed networks. Know the internals of the products you deploy and keep them up to date to protect your network and the data that runs your business.

Listen to the podcast series: 5 Indisputable facts about IOT security

 |  |  |  |  |  |  | 
Scott Koegler
Freelance Writer and Former CIO

More from Endpoint
November 28, 2023

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

October 30, 2023

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature