Securing the Enterprise IoT NetworkBy CIOAdvisor Apac | Friday, November 30, 2018
By 2025, according to Digicert and ReRez Research’s State of IoT Security Survey, the number will increase to ten. The report also stated that rather than wearables, intelligent thermostats, and car sensors among other, the Internet of Things (IoT) usage is increasing. The report also surveyed that 700 organizations across five countries, focusing on industries are known for early adoption of IoT. The report also stated that 83 percent of respondents found IoT to be somewhat or extremely important for their business and the number increased to 92 percent when asked how important IoT would be in 2020. Security may not be a constraint as more IoT is deployed, more security concerns arise.
For the assessment of IoT security, DigiCert divide organizations into three categories: Top-tier, middle-tier, and bottom-tier adopters. The top-tier organizations have the least IoT security problems whereas bottom-tier has the highest. DigiCert suggested five tips to help bottom-tier companies reach the same level of top-tier security success.
Review risk: To assess the risk of connected devices, penetration testing has to be performed. With the evaluation of risks, a priority list has to be built for addressing the basic security concerns like authentication and encryption. By a strong risk assessment, the companies can be assured with no gaps left for the connected security area.
Encrypt everything: Companies need to evaluate the connected devices and ensure that the data is in an encrypted format both in rest and during transfer. Making an end-to-end encryption product requirement can be a key when implementing this security feature for all IoT projects.
Always authenticate: Companies have to review all the connections over the network including digital and human to ensure authentication and allow only trusted connections. Digital certificates help in providing seamless authentication and binding identities to encryption protocols.
Strategize for scale: Companies should have scalable security limitations and architecture ready for IoT deployments. They need to plan accordingly and work with third parties which are scalable and help in reaching goals which ultimately increases a company’s core competency.