LeanIX Blog – we love IT Architecture!

9 Steps to IoT Security in the Enterprise

Posted by Lesa Moné on 17 October 2017

IoT is spreading at an unprecedented pace. Just two short years ago in 2015, there were around 15.4 billion connected devices. Intel predicts that there will be 200 billion connected devices by 2020. IoT devices will also bring a great deal of revenue to the market. Business Insider predicts that total business spending on IoT solutions will reach $6 trillion by 2021.

Make no mistake: IoT will have a grave impact on our world. It also has issues to work out. If security is not properly addressed in the early stages of implementing IoT, hackers can target weak points and exploit the data of your entire infrastructure.

9 steps to prepare your enterprise for IoT

  1. Implement microservices.

    The inevitable implementation of IoT will create a challenge for Enterprise Architects. It will be important to determine how device networks will communicate, how data will be processed, which applications or systems to invest in to process the surge in data, and which team members will oversee IoT endeavors. Running IoT applications as microservices helps with quick deployment and maintenance, and accounts for the growing volumes of data. Microservices help smooth the path to IoT.

  2. Physical security.

    Ensuring that end devices are safely stored and cannot be tampered with or compromised is a key step to protecting the security of your IoT endeavors. As new trinkets bring a certain curiosity, it is best to keep new hardware locked away in a safe place.

  3. Firmware updates.

    Firmware is defined as permanent software programmed into a read-only memory.
    Every single IoT device will possess firmware of some sort. Once your company begins using IoT devices, be sure to deploy every firmware update. These updates may contain important security patches that protect you from unauthorized access. Consider automating IoT devices, and at least have a plan for staying abreast of updates to combat unnecessary risk.

  4. Strengthen authentication process.

    More than 60% of people use the same username and password for all their accounts. Another weak point for IoT devices is that they can be easily accessed using the default logins from around the enterprise. Hackers run programs that enter stolen username and password details on tens of thousands of sites until one hits. Then they have access to your accounts, credentials, and from there can manipulate your IoT devices. Be sure to assess the security of your authentication process in your plan to implement IoT.

  5. Isolate IoT devices.

    Isolate your IoT devices from a network perspective. The four basic architecture models for IoT devices are as follows:
    Device to device - IoT devices within the same network will be able to connect and communicate using wireless PAN protocols like Bluetooth and Zigbee, Z-Wave, or Ethernet.
    Device to cloud - IoT devices connect directly to the cloud and collect and transfer data to it, where the data is analyzed and queried by companies.
    Device to gateway - It's often not possible to have IoT technology communicating directly to the system without a gateway. IoT gateway devices bridge the gap of communication between IoT devices, sensors, equipment, and the cloud. An IoT gateway performs several functions: translating protocols, encrypting, processing, and filtering data. IoT gateways speed production, reduce telecommunication costs, and add a needed layer of security.
    Cloud-to-Cloud - Also known as back-end data sharing, cloud-to-cloud enables third parties to access uploaded data from IoT devices.

    Consider separating your IoT devices using VLANs, routing, or creating separate networks for the devices to run on.

  6. Limit access.

    Limiting who can access the IoT network is an important layer of IT security. Use firewalls and access lists to permit, deny, and monitor access of users.

  7. Device monitoring.

    Knowing the current status of all IoT devices gives you a more secure vision of the entire IoT landscape. Consider using network monitoring and alerting tools like ICMP, SNMP, and Syslog to monitor the health of the IoT infrastructure.

  8. End-to-end encryption.

    End-to-end encryption must be deployed not only to protect data as it crosses the network but also while it’s stored on a back-end server. If the embedded IoT devices cannot perform encryption natively, you should leverage infrastructure techniques such as encrypted tunnels to properly secure data.

  9. IoT security breach plan.

    The most important step of them all – create a security data breach plan. Having a plan in place of what to do in the event of an IoT security breach will strengthen your company. To comply with upcoming regulations, it is important to take note of which data your enterprise is collecting, and what steps to take after a breach has happened.
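
Steps 5 and 6 (isolating IoT devices and limiting access) can be checked against real traffic. The following is an added example, not part of the original post: it evaluates flow records from an IoT segment against a first-match access list with a default deny and counts denials per device. The subnets, hosts, ports, and flow records are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed addressing plan (assumption): IoT devices sit on their own VLAN/subnet.
IOT_NET = ipaddress.ip_network("10.20.0.0/24")

# First-match access list for traffic leaving the IoT segment.
# (action, destination network, protocol, destination port or None for any)
ACL = [
    ("permit", ipaddress.ip_network("10.30.0.10/32"), "tcp", 8883),  # IoT gateway, MQTT over TLS
    ("permit", ipaddress.ip_network("10.0.5.53/32"), "udp", 53),     # internal DNS
    ("permit", ipaddress.ip_network("10.0.5.14/32"), "udp", 514),    # syslog collector
    ("deny", ipaddress.ip_network("0.0.0.0/0"), "any", None),        # explicit default deny
]

def evaluate(dst, proto, port):
    """Return the action of the first ACL entry that matches the flow."""
    addr = ipaddress.ip_address(dst)
    for action, net, acl_proto, acl_port in ACL:
        if addr in net and acl_proto in ("any", proto) and acl_port in (None, port):
            return action
    return "deny"  # implicit deny if no entry matches

def audit(flows):
    """Return denied flows from the IoT segment and a per-device denial count."""
    denied, per_device = [], Counter()
    for src, dst, proto, port in flows:
        if ipaddress.ip_address(src) not in IOT_NET:
            continue  # only traffic originating on the IoT VLAN is in scope
        if evaluate(dst, proto, port) == "deny":
            denied.append((src, dst, proto, port))
            per_device[src] += 1
    return denied, per_device

# Constructed flow records: (source, destination, protocol, destination port)
SAMPLE_FLOWS = [
    ("10.20.0.31", "10.30.0.10", "tcp", 8883),  # sensor -> gateway
    ("10.20.0.31", "10.0.5.53", "udp", 53),     # sensor -> DNS
    ("10.20.0.44", "10.0.8.20", "tcp", 445),    # camera -> file server
    ("10.20.0.44", "10.0.8.20", "tcp", 22),     # camera -> file server
    ("10.0.8.77", "10.0.8.20", "tcp", 445),     # not from the IoT segment
]

if __name__ == "__main__":
    denied, per_device = audit(SAMPLE_FLOWS)
    for flow in denied:
        print("DENY", *flow)
    print("denials per device:", dict(per_device))
```

A device that repeatedly hits the default deny, like the constructed camera at 10.20.0.44, is a candidate for the monitoring and alerting described in step 7.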

An HP study found that 70% of IoT devices deployed are vulnerable to some type of attack. Use the above-mentioned steps to help your enterprise avoid pitfalls due to the lack of built-in security measures. 
