Blog

Improving Security for the IoT

December 5, 2016
Improving Security for the IoT

With the rise of the Internet of Things (IoT) has come greater conversation on security flaws and vulnerabilities. These vulnerabilities are often considered inherent, but this is largely due to the fact that the IoT is behind the curve on protection mechanisms, and manufacturers aren't focusing enough on improving their security.

No business likes to have to clean up after a data breach. To truly ensure IoT security, businesses should start to focus on preventing breaches rather than waiting for them to happen. There are five main things to concentrate on to do this:

  • Firmware
  • Hardware
  • Monitoring
  • Reused code
  • Secure updates

Firmware

The boot process needs to be protected in order to ensure data safety and make it more difficult for an attacker to run their own code. Custom hardware and a secure boot system will help to ensure a high level of security, but businesses should also be running regular firmware audits.

Hardware

Businesses that don't create their own hardware should look into manufacturers who are aware that hackers can use vulnerable hardware to get into the software. A manufacturer who is aware of this should be working to ensure that their hardware can withstand an attack.

Monitoring

Knowing how a device should behave and monitoring for any that aren't acting the way they should will help businesses identify a threat quickly. Devices should also be checked to make sure they are configured correctly, and that users aren't misusing them.

Reused Code

Reusing code can cut down on time and costs, but it also means that any flaw is carried along through product lines. This can affect thousands of devices from the same company. Businesses should be aware of this risk, prepared to perform frequent audits to catch any problems, and be able to ensure that they know what to do in the event that a vulnerability is detected.

Secure Updates

All devices should be kept up to date, but only about 10% are updated when a patch is released for a vulnerability. Businesses need to enforce their security policies for any device that employees and other users employ. They should also try to ensure that any firmware they use has continuous support from the manufacturer behind it, so that vulnerabilities are patched and in a timely manner.

The IoT is still relatively new, and companies that are used to servers and desktops may not realize that they're leaving themselves open to a breach. By applying the above measures, businesses can help ensure sensitive data is kept as safe as possible.

RECENT POSTS
ARCHIVES

CATEGORIES