IoT security remains a serious concern as the world of connected devices continues to expand. According to a recent report from ForeScout Technologies, 65 percent of senior IT decision makers in the UK and central Europe are unsure about whether IoT devices in their organization are identified and controlled. How can enterprises protect their networks against would-be attackers?
Understanding known threats is the first step to establishing best practices in IoT security. The ever-growing number of IoT devices creates an expanded attack surface for hackers, offering many more potential entry points to a network. Many devices remain connected to the Internet around the clock, making them more vulnerable than end-points that are powered off overnight. IoT devices have exploded onto the market from a wide range of companies over the past few years—and in their haste to present products to consumers, some developers neglected to adequately protect devices from hackers. Since IoT devices often control physical systems such as cars, elevators and security systems, potential hacks could result in loss of life, rather than simply loss of data.
Security from the start
To ensure security for enterprise IoT devices, developers must focus on creating protected, frequently updated systems built around secure hardware that’s tamper-proof. If open-source software is used, developers should be sure to address any security concerns that arise. From initial blueprint to a product’s release on the market, IoT developers must prioritize security along with ease of use and functionality. Once devices are deployed, companies must remain vigilant by offering software updates and patches.
Two of the biggest IoT threats enterprises face are DDoS (Distributed Denial of Service) attacks and ransomware (malicious software designed to hold computer systems hostage). A widespread DDoS attack in October 2016 blocked a number of popular sites and drew media attention to malicious cyber activity. To safeguard their networks against such attacks, enterprises must secure their IoT platforms from end to end, ensuring safety of data, devices and things, networks, applications and users. A horizontal IoT platform for enterprises presents the possibility of mix-and-match architecture while ensuring protection for all layers of the network, from access to application. At the physical level, an enterprise’s IT personnel should install anti-malware protection, update passwords frequently and be sure to stay up-to-date with software updates and security alerts. Because systems only remain secure when everyone stays alert, security education for all employees should also be a priority.