IoT Security Fact #4: Weak Configurations Will Persist
The Internet of Things (IoT) is the next frontier for security practitioners and the rules are still being written. In each episode of this podcast series, “Five Indisputable Facts about IoT Security,” the IBM experts will examine one fact that should be considered when building and deploying IoT devices. The purpose of the series, and the accompanying infographic, is to help end users and manufacturers understand how to increase security and protect data in the IoT.
Listen now for the complete insights from our featured panel of IBMers: Diana Kelley, global executive security advisor; Tim Hahn, chief architect of Internet of Things Security; Andras Szakal, VP and CTO for U.S. Federal; and James Murphy, offering manager for Watson IoT Platform.
This episode looks at Indisputable IoT Security Fact #4:
Weak Configurations Will Persist
Changing the default configurations of an IoT device takes thought and effort, and for this very reason it too often does not happen. If a given device’s default settings have access control turned off, for example, it is left to the new owner to take measures to improve that security.
Rather than putting security in the hands of the end user, device manufacturers should ensure that security options are enabled either by default or as part of an initial setup process. Users would then be required to make a conscious decision to strengthen the default protections, rather than allowing weak configurations to persist indefinitely.