[...]
To combat the threat of the 'evil Internet of Things', much needs to be done, at both an individual or company level, and at a broader industry level.
• Hard-wiring security into every device: IoT manufacturers and vendors need to consider the evolving nature of security in their product development from the outset. Achieving IoT security from the ground up involves ensuring the rigorous encryption is ‘baked’ into the devices themselves.
• Taking responsibility: Organisations embedding and allowing connected devices onto their networks must develop strong controls to ensure no weak links in the chain. This could include ‘bring your own device’ policies to manage mobile devices and wearables in the workplace, thorough analysis and testing of any IoT vendor they’re using, and information security policies to manage the protection of sensitive data.
• Achieving standardisation: Many current machine-to-machine protocols were designed to be fast and efficient on local closed-loop networks. Now that we’re connecting many of these devices to the open-loop IP standard, their vulnerabilities are becoming clear. In the modern, connected world, the devices need to comply with the established security protocols to ensure they can be safely patched into the global internet.
• Focus on the information that’s being secured: As individuals, we’re generally comfortable with vast amounts of personal data stored with ecosystems managed by the likes of Apple, Google and Facebook. As businesses, we need to adopt the same diligence as these digital leaders, in focusing on the protection of personal data from employees, customers, partners, and other stakeholders.
• Threat detection and early response: The threat landscape is in a never-ceasing state of evolution. So with all these other practices in place, attacks are still possible. It’s essential for organisations to develop the instrumentation to quickly spot any attacks, and minimise the damage.
[...]
See more at: bizcommunity.com
No comments:
Post a Comment