With the Internet of Things (IoT) trend continuing to grow, it’s difficult to tell how best to protect yourself from its risks. This type of technology has many risks, so it is important to set up defenses so you can protect yourself and your company.
The IoT will not stop growing, and eventually, everything in the IoT will be connected wirelessly. Start by protecting your Wi-Fi infrastructure from cybercriminals and other malicious actors. If someone takes control of your Wi-Fi administration, he or she can take control of your operation if it is based on IoT devices. Choose the best access points, update the firmware and design a good architecture, because if your Wi-Fi is infiltrated, everything stops.
Like your servers, you must scan your devices for vulnerabilities. Remember, you will see many types of equipment. Fix and patch everything in your network — any breach is a good breach for cybercriminals. Making sure all your online security updates are up-to-date is an important practice, as well.
Watch the on-demand webinar to learn more about securing the internet of things
Best IoT Security Practices
The following are other IoT security tactics you should consider implementing:
- Design a good perimeter protection with a firewall and an intrusion prevention system.
- Include everything in a security information and event management environment.
- Implement an emergency response program.
- Include a good identity and access management program with your IoT program for central user control. Consider, for instance, using a cloud identity approach.
- Implement two-factor authentication where practical.
- Have the administrators of your devices use privileged user control.
- Search for standardization. This is only in its beginning stages now, but the market will soon define standards for the IoT, including security standards.
- If you have a third-party IoT provider, consider due diligence.
- Stay informed with key sources of security through groups such as the National Institute of Standards and Technology (NIST).
What Can Get Hacked?
Some examples of IoT devices include cars, lighting systems, refrigerators, telephones, Supervisory Control and Data Acquisition (SCADA) systems, traffic control systems, home security systems, televisions and DVRs.
When we talk about the IoT, there are many types of security events that could occur. For instance, home devices such as thermostats or Wi-Fi routers could have their settings changed by cybercriminals requesting money. Trojans could be implanted in printers for espionage, or attackers could maliciously take control of a car system. Information could be stolen from smartphones, or there could be an interruption of SCADA systems.
In conclusion, these steps are just the minimum precautions to take these days. When the IoT becomes ubiquitous, you will need to put more controls in place. Consider including the IoT in the security life cycle of your company — if your company doesn’t use these approaches now, tomorrow is a good day to start.
Alfredo Santos is a contributor for SecurityIntelligence.