A business network is only as strong as its weakest link. With the Internet of Things (IoT) expanding rapidly, several factors are driving the need for robust IoT device security—continued growth in the number of devices operating at the edge, the convergence of IT (Informational Technology) and OT (Operational Technology) and the rise of third-party players in device setup and management. Device operating systems once functioned more or less independently, but they're now integrated into IT networks, which is promising for edge computing but risky because of the rapid growth of threat vectors.
IoT device security has to be a top priority, with the global Industrial Internet of Things (IIoT) market slated to grow at a compound growth rate of 21.3% every year until 2028. Much more is now at stake because of the sheer scale of the challenge—every sensor at the edge is a vulnerable node through which hackers could infiltrate an entire network.
How to security IoT devices
IoT device security embraces many of the traditional rules of cyber security and a few from the OT landscape.
- Changing default logins. IoT devices have their own login information—and third-party vendors often leave default passwords in place. Because IoT systems are always on and always connected to the network, they can be an easy entry point for hackers. Companies need to ensure that each device has a unique password, perhaps through a comprehensive password management system.
- Pushing out patches. Companies need to regularly patch IoT device protection to remedy vulnerabilities, much as they do with IT software. If you've issued devices to your employees, require them to regularly check for and install updates.
- Microsegmenting networks. Isolating IoT networks from critical system resources and programs limits the damage that attackers can inflict while preserving the advantages of integration. Make sure that access is only granted to authorized stakeholders.