With the Internet of Things (IoT) trend continuing to grow, it’s difficult to tell how best to protect yourself from its risks. This type of technology has many risks, so it is important to set up defenses so you can protect yourself and your company.

Getting Started

The IoT will not stop growing, and eventually, everything in the IoT will be connected wirelessly. Start by protecting your Wi-Fi infrastructure from cybercriminals and other malicious actors. If someone takes control of your Wi-Fi administration, he or she can take control of your operation if it is based on IoT devices. Choose the best access points, update the firmware and design a good architecture, because if your Wi-Fi is infiltrated, everything stops.

Like your servers, you must scan your devices for vulnerabilities. Remember, you will see many types of equipment. Fix and patch everything in your network — any breach is a good breach for cybercriminals. Making sure all your online security updates are up-to-date is an important practice, as well.

Watch the on-demand webinar to learn more about securing the internet of things

Best IoT Security Practices

The following are other IoT security tactics you should consider implementing:

  • Design a good perimeter protection with a firewall and an intrusion prevention system.
  • Include everything in a security information and event management environment.
  • Implement an emergency response program.
  • Include a good identity and access management program with your IoT program for central user control. Consider, for instance, using a cloud identity approach.
  • Implement two-factor authentication where practical.
  • Have the administrators of your devices use privileged user control.
  • Search for standardization. This is only in its beginning stages now, but the market will soon define standards for the IoT, including security standards.
  • If you have a third-party IoT provider, consider due diligence.
  • Stay informed with key sources of security through groups such as the National Institute of Standards and Technology (NIST).

What Can Get Hacked?

Some examples of IoT devices include cars, lighting systems, refrigerators, telephones, Supervisory Control and Data Acquisition (SCADA) systems, traffic control systems, home security systems, televisions and DVRs.

When we talk about the IoT, there are many types of security events that could occur. For instance, home devices such as thermostats or Wi-Fi routers could have their settings changed by cybercriminals requesting money. Trojans could be implanted in printers for espionage, or attackers could maliciously take control of a car system. Information could be stolen from smartphones, or there could be an interruption of SCADA systems.

In conclusion, these steps are just the minimum precautions to take these days. When the IoT becomes ubiquitous, you will need to put more controls in place. Consider including the IoT in the security life cycle of your company — if your company doesn’t use these approaches now, tomorrow is a good day to start.

More from Mainframe

How Dangerous Is the Cyberattack Risk to Transportation?

If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible. Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks. In one event, attackers breached the New York Metropolitan Transportation Authority (MTA) systems. Thankfully, no one was harmed, but incidents like these are cause…

Low-Code Is Easy, But Is It Secure?

Low-code and no-code solutions are awesome. Why? With limited or no programming experience, you can quickly create software using a visual dashboard. This amounts to huge time and money savings. But with all this software out there, security experts worry about the risks. The global low-code platform market revenue was valued at nearly $13 billion in 2020. The market is forecast to reach over $47 billion in 2025 and $65 billion in 2027 with a CAGR of 26.1%. Very few,…

Starting From Scratch: How to Build a Small Business Cybersecurity Program

When you run a small business, outsourcing for services like IT and security makes a lot of sense. While you might not have the budget for a full-time professional on staff to do these jobs, you still need the services.However, while it might be helpful to have a managed service provider handle your software and computing issues, cybersecurity for small and medium businesses (SMBs) also requires a personal, hands-on approach. While you can continue to outsource some areas of cybersecurity,…

A Journey in Organizational Resilience: Supply Chain and Third Parties

The next stop on our journey focuses on those that you rely on: supply chains and third parties.  Working with external partners can be difficult. But, there is a silver lining. Recent attacks have resulted in an industry wake-up call when it comes to cybersecurity resilience. You see, the purpose of using external partners is to take advantage of a capability that your organization did not have, or the vendor was just better at than you. In turn, there was…