Internet of Things (IoT) security is a top concern among any tech decision-maker tasked with choosing a platform to solve any need. While most tech managers believe IoT will become the new standard, there are a number of risks to consider when choosing secure IoT platforms.
The most detrimental issue with many IoT devices is that manufactures attempt to secure their products’ remote management interface by using non-unique and oftentimes well-known credentials. But they also tend to suffer from vulnerabilities like non-existent or irregular security updates, a lack of firewall or NAT, and longer life cycles with greater undiscovered vulnerability potential.
But that doesn’t mean there’s no such thing as a useful, secure IoT platform.
What to look for in a secure IoT solution
Your selection of vendor has to reflect a company that respects cybersecurity of the product just as much as the product itself.
“Look for companies that consistently nudge you to update their firmware – it means they care about cybersecurity,” says Anthony Pisano, Director of Solutions Architecture at Network Solutions and Technology.
“Five to six times a year for a camera manufacturer is pretty aggressive and a good sign.”
Another thing to look for: qualified team members.
“If we go on LinkedIn and see teams at these companies with credentials and experience, we feel more certain,” Pisano says.
If a camera manufacturer only has a team certified in lens manufacturing and only one person who specializes in cyber security, that’s a bad sign.
The company needs to be proactive in promoting its looks for very specific, impressive cyber security standards and accreditation for employees. They should be turning their employees into cyber security professionals by putting them into graduate programs and other courses.
Finally, the most important thing to look for is a company that markets cyber security as much as it markets tech specs.
“If they’re not talking about cybersecurity just as much as the products themselves, that’s a concern,” Pisano says.
Secure IoT platform recommendations from installers:
- Schneider Electric – Their ecosystem of IoT-enabled software platforms like EcoStruxure offers a variety of iot interfaces like temp sensors, water sensors, etc. and everything converges into a graphical user-interface
- Axis Communications – According to Pisano: “they take their cybersecurity initiatives as seriously as they take the physical cameras – they hold the cybersecurity of the item to the same standard.”
- Genetec – This unified physical security platform is turning itself into a place where you can put everything.
- Mobotix – A converged thermal & video camera unit which doesn’t hold names or store data that is privacy-related. When you plug their cameras into a network, its cybersecurity stance is “locked unless you open me” and doesn’t allow remote access.
- APC – Owned by Schneider — they have integrated sensor units in their batteries that monitor temperature. Instead of devices calling out to the world, they’re calling out to a governed hub.
Learn more about each of the above products by clicking on them or by viewing the slideshow
It’s not just the installer’s job to ensure IoT cybersecurity…
Once you’ve chosen an IoT platform, you need to ensure it rests in a continuously-secure environment.
Ensuring your security software is up-to-date is vital for protecting against malware and other malicious software. Endpoint security solutions will go a step further and help to protect against threats that are not detected using traditional security software.
While devices such as smart speakers are simple to connect to the network, many people do not think to change the default passwords, essentially meaning that a potential hacker has access to your network with minimal effort.
Security patches are simple, but crucial to secure devices and ensure that vulnerabilities do not compromise your network. Make sure you use any security updates the manufacturer pushes out.