Thursday, February 2, 2017
IoT Security - What You Need To Know For Your Business
The Internet of Things (IoT) is quickly growing into one of the largest markets in technology. The number of devices currently deployed measures in the billions. "It's an extremely transformational industry with far-reaching effects on the organizational posture of almost every business segment out there. This is largely due to the speed at which people are adopting and embracing this technology, coupled with the immaturity of security principles in the IoT space," says Senior Security Consultant JR Johnson. "When these devices start showing up on your organization's internal network, that's a serious problem. It's critical to address their security, along with how they could potentially affect your most critical business assets."
Johnson further states, "During penetration testing, we have already seen a huge up-tick in the amount of network compromises that stem from improperly secured or misconfigured IoT devices being implemented in corporate networks. At the end of 2016, headline news reported on the large amount of IoT-based attacks, like the Mirai botnet, where attackers have narrowed-in on the formerly untapped market."
So, how do you protect your company? Johnson advises, "First, make sure your policies address IoT devices on your corporate network. If they don't, that's an important starting point. Next, evaluate and thoroughly test IoT devices before installing them into your network and always verify that they are configured securely. Regular internal penetration testing can help to identify weaknesses in these devices, as well as measure what impact they can have on your organization's network security."
Development, deployment, and maintenance cycles should utilize an IoT Security Assessment that specifically examines both application and hardware technologies for these devices. Thorough testing of these IoT device components should be fully analyzed within a lab setting to isolate risks the analysis may introduce, protecting the current organization's network environment through segmentation of those risks. The lab activities of this exclusive audit should include in-depth device penetration testing, protocol analysis, and potential information leakage and physical weaknesses of targeted IoT devices. Results from the IoT Security Assessment provides knowledge of how these devices will affect the network, while actively addressing identified vulnerabilities will improve the organization's security posture.
About nGuard Corporation
nGuard is a leading provider of expert security assessments, managed security services, security incident response, and other advanced security services to organizations across North American & around the world. nGuard's relentless focus on securing clients, as well as their unmatched security expertise, has helped them become one of the most sought after security firms in North America.
For more information, please visit: www.nGuard.com