In Part 1 of this article, we looked at the risks to your systems that can originate with devices that make up the Internet of Things – devices like smart TVs, connected cars and healthcare devices, cameras, DVRs, and even “smart” cars and light bulbs. Of course, these risks are real, and they are current. The types and scope of smart devices are multiplying rapidly, many reasonably priced and attractive, in an environment where security standards or requirements are greatly lacking. Add to this the proliferation of attacks, and it is a risk level no organization can ignore. Even organizations that don’t currently use IoT devices need to be prepared with a plan of action and policies dealing specifically with the issue.
IOT Security Plan Ideas:
• Set policy about what can and cannot be attached to any company network. This should come from the highest level of the company, because this risk, while it may be technical, has the potential to seriously damage the company as a whole. Top management must support the concept that cyber security is vital, and that the company has a right and an obligation to control what can and can’t be connected to its networks. The importance of top level support can’t be overstated.