Lots of people are talking about the Internet of Things or IoT. But while so many people are excited about what IoT could help accomplish, many others in the security world fear the repercussions that could come along with this new wave of innovation.
Imagine billions of connected appliances, from refrigerators to home surveillance cameras. What are the ramifications of this in terms of security?
IoT security is going to be tough. There will be floods of information moving through sophisticated systems, and, as always, battalions of hackers lurking in the shadows.
Here are some big tips in terms of keeping IoT systems secure.
1. Deploying IoT Appliances and Devices
While some feel like it might be a good strategy to deploy connective data devices inside a proprietary network, in reality, it’s actually better to treat most IoT data as external, to preserve a hard perimeter.
The idea is to use VPNs and other means to protect all data inside the network. In the IoT, if a specific end device is compromised, it’s better to have it outside the network so hackers can’t get more access to sensitive data. In some of the most publicized data breaches over the past years, the results were much worse when the bad actors got access to the inside of the network. Mistakes in user access privileges can also be a problem, so again, deployment of end devices outside of the perimeter is safer.
2. Monitoring and Automation
Having some sort of robust monitoring in place for a network is also a best practice, but it matters a lot what kind of system it is. The automation tools should be as integrated with the core of the system as possible. They should also be effective, by creating actual intelligent analysis. Otherwise, these tools are just running fancy logs that won’t foil any cyberattackers.
Professionals talk about the principle of having “eyes on glass,” of making sure that the automated analysis is actually getting read by a skilled human operator who can spot suspicious network activity. AI can help to some extent: for example, a well-calibrated analysis tool could set a firewall to do different things with different levels of traffic evaluated for threat level, including stopping traffic, maintaining a “quarantine” for data, or letting data through.
However, in the end, sentient analysis is critical. Otherwise, it’s hard to separate real threats from network noise – you end up with a lot of red alerts that end up being false alarms. Finding the balance between what automation can do, and what must be done by a human, is a major part of balancing an IoT security approach.
3. Updates and Upgrades
After an initial build and implementation, pursuing specific updates can also change network outcomes with IoT quite a bit. Here are three best practices in terms of focusing these updates.
Firmware and system requirements: planners should make sure that setups are well coordinated with core system updates.
Ports and Protocols: updates should look at specific protocols (HTTPS, FTP etc.) and ports, to direct or isolate certain kinds of traffic.
User Access: Planners should take care to evaluate who should have access to a given device, and for what purpose.
There’s another big rule that helps companies make the most of the IoT: it involves utilizing existing standards. The IEEE has current IoT security standards that bring universal safety to these data systems, but in so many cases, vendors are not using or complying with these standards. Part of the issue is classification – not all devices that may have IoT capabilities are classed as IoT devices. Changing this trend will greatly improve IoT security in general.
4. Scope of a Project
Another best practice involves how to scope a project.
With any IoT effort, it’s important to think about how many devices and how much data will be in play, and practically, how the system will work. As mentioned, IoT devices can be refrigerators or washing machines or toasters, or they can be sensors and cameras and handheld devices.
One overall recommendation is the use of “programmatic templates” that will govern a range of devices, first, by enumerating them in a system. Companies can use IP address blocks to track these sets of devices, or they can use MAC addresses. There are various options, but a templated approach brings order to what can be a chaotic process.
Use the above guidance to structure network setups and connect endpoint IoT devices in a safe way – and stay ahead of the curve with cybersecurity for enterprise.