Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Maintaining security hygiene in the Internet of Things

Diana Kelley, Executive Security Advisor, IBM Security | March 4, 2016
Diana Kelley of IBM Security discusses the security risks of IoT devices and how enterprises can counter these new security risks.

How enterprises can counter these new security risks

It might be a while till manufacturers figure out the best models for the delivery of updates and for companies to update their internal processes to address these new devices, but here's some measures which enterprises can do in the meantime to protect themselves against increased security risks.

1. Hold someone accountable

The first step to take is to assign an owner for the upkeep of specific devices which includes monitoring for potential security weaknesses, flagging potential issues and ensuring that patches get implemented. Having an assigned individual or group establishes accountability and ensures that everyone is clear about whose role it is to perform the respective tasks.

2. Maintain an inventory

The next step is inventory-keeping, which is integral to helping you locate, identify and retain information about smart devices in your organization. There are technical mechanisms available that can help you accomplish this such as vulnerability scanning, network monitoring, and network access control etc. Of course, this strategy presupposes that the organization already has clear visibility into new purchases of IoT devices being made across the different business unit.

3. Knowledge about the integrity and authenticity of manufacturer updates

Lastly, the issue of integrity and authenticity of manufacturer updates is also an important one, but one that consumers might have less control of. That said, awareness of potential issues by consumers can help to influence and pressure manufacturers to utilize update channels that leverage integrity protection features.

In short, keeping abreast of vulnerabilities in and updates for smart devices is vital. But it won't just magically happen; it takes planning and forethought to make sure that important security tasks are performed to keep all organizational assets secured.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.