Use Technology to Understand Customer Better
Connection Points Increasing Substantially Every Year
Giving up Privacy for Convenience
Why Artificial Intelligence Will Empower the CIO
Thank you for Subscribing to CIO Applications Weekly Brief
Securing the Internet of Things: Best Practices for the Enterprise
By Phil Skipper, Head of Business Development, Vodafone Internet of Things [NASDAQ:VOD]
Yet, with the adoption of any new technology comes the potential risk of third-party hacking and security breaches. It’s this reason that has put IoT security top of mind for businesses today—according to Vodafone’s 2016 IoT Barometer, 30 percent of businesses surveyed are either changing or restricting the scope of their IoT projects in an attempt to reduce security risk.
While businesses are right to be cautious, there are many ways to minimize the potential security risks associated with IoT, so businesses can use the technology to its full potential. Here are the best practices to consider when developing, deploying and managing IoT applications.
Not all IoT deployments are created equal
Given news reports about wide-scale IoT security breaches, business leaders are understandably concerned about how the technology might impact their organization.
IoT security cannot be treated with a “set and forget” mentality
When enterprises deploy IoT solutions, it’s not enough to just set security measures and assume company data will remain secure. New security risks are constantly on the horizon, and companies must regularly review and update their security policies and protocols in order to stay ahead of potential threats. Businesses should ensure all technologies that interact with their IoT solutions, such as data centers, offices, shared services centers and individual devices, are also up to date on security compliance.
Pre-deployment testing is critical
Before enterprises can deploy IoT-enabled technology, they should put connected devices and services through rigorous, repeatable tests to identify any potential security issues. These tests should occur on a sandboxed network, to ensure the new IoT technology is isolated from other technologies that are already in use. Testing IoT systems prior to deployment will ensure they behave as expected, and will interact with centralized systems in an optimized way, helping to minimize failure when they are put into the field.
Devices should operate on a ‘minimal trust model’
Once IoT solutions are deployed, businesses should implement a “minimal trust model”—meaning no individual IoT device should have unrestricted access to the company’s full IoT environment. Each device should be assigned a private IP address that is not discoverable from the public internet, which will help prevent outside hackers from accessing the device. In the event a hacker does breach a device, a minimal trust model will ensure that access to one device does not provide a gateway into an entire network.