As a result, organisations looking to adopt IoT solutions or who are already using them, need to treat them as transformative not only in terms of their application, but also in terms of their effect on the way security is managed. Several important steps in this process include:
• Creating a specific IoT security policy based on existing frameworks and best practices and enforcing it strictly.
• Training all employees what counts as an IoT device.
• Ensuring that your IT department approves all IoT device procurement.
• Creating an inventory of your IoT devices.
• Monitoring the appropriate IoT vendor vulnerability disclosures.
• Conducting vulnerability tests of IoT devices to detect and fix vulnerabilities.
The rapid of adoption of IoT devices will add complexity and cost to IT security management. However as our reliance on the technology grows, the risk of massive disruption will grow with it. As a result, the adoption of IoT devices does not represent business as normal for IT security, it requires an urgent rethink.
Sign up for CIO Asia eNewsletters.