How to Adequately Account for and Secure IoT Devices
In a world that is increasingly fast-paced, continuously evolving, and especially competitive, the Internet of Things (IoT) has introduced an entirely new era of connectivity and productivity. For the most part, consumers and businesses alike would argue that the IoT has transformed our every day lives for the better. From optimizing business processes to automating monotonous, manual tasks, IoT devices are integrated in nearly everything we do. In addition to this, many organizations rely on a web portal for multi-device management. This convenience, however, comes at a cost.
That cost comes in the form of immense challenges associated with enterprise data security and privacy, including:
- Managing default credentials
- Maintaining proper controls for storing customer data in the cloud
Given the purpose of many IoT devices, think phones, printers, and cameras, many organizations underestimate the amount of proprietary data that can be found on them. As a result, security is often an afterthought for IoT vendors and these devices are utilized as the gateways through which malicious hackers make their way into corporate systems to launch full-fledged attacks.
Our very own Security Operations Center has seen similar behavior and attempted exploits through IoT devices. To help shed some light on this growing issue and present potential solutions and best practices, Andrew Useckas, Threat X CTO, has partnered with IoT Agenda on a monthly article surrounding this topic.
Start by reading the first article, originally published on IoT Agenda’s “Evaluate” column, in which Andrew dives a bit deeper into the issues involving the “IoT minefield” many organizations find themselves navigating. Then, be on the lookout for subsequent articles published monthly, which expand on each of the top 5 IoT security challenges. The second article, published on IoT Agenda’s “Manage” column, explores the issue of default credentials on these IoT devices.
Stay tuned for additional articles from Andrew via IoT Agenda in the coming months!
*** This is a Security Bloggers Network syndicated blog from ThreatX Blog authored by Mackenzie Jacobson. Read the original post at: https://blog.threatxlabs.com/how-to-adequately-account-for-and-secure-iot-devices
