As the ever-connected world continues to explore the Internet of Things (IoT), the enterprise must consider how to rethink and adjust its security approach to accommodate a new technological age. This does not require a complete restructuring of the security architecture, but only a repurposing of some existing technology and roles.
Here are several best practices to help the enterprise securely embrace the IoT.
Leverage Existing Network Security
IT professionals can use their existing infrastructure to help enforce network security. Best practices for IT professionals include strategies that may already be in place:
- Employ private, segmented networks with designated IP ranges.
- Private network usage has the added benefit of cost savings when compared to public IP ranges.
- Continue securing connections with virtual private network (VPN) technologies such as IPsec.
Revamp the Governance Structure
The IoT brings new security challenges, and the enterprise needs to re-evaluate how information security personnel fit into this updated picture. Businesses should ask the following questions to help ensure complete protection for their resources:
- To whom should the head Information Security Officer report?
- Should new or previously uninvolved personnel participate in information security initiatives?
- What new types of devices does the organization need to secure?
Monitor Critical Infrastructure
Most pieces of infrastructure today are connected and online, a different situation from years ago when these resources were offline. With this in mind, businesses must ensure that critical infrastructure (as it relates to IoT) is secured. IT professionals should keep the following ideas in mind when considering their enterprise security posture:
- Infrastructure attacks may be more frequent, but there is an array of intelligence available that can help prepare for attacks and mitigate impact.
- An investment in real-time attack intelligence software is both necessary and worthwhile.
- Visibility and awareness are powerful tools against attacks.
Do Not Forget the Past
IT stakeholders should not underestimate the value of lessons learned from past experiences, including past threats or attacks. The enterprise can adopt the most secure posture in the IoT by consciously learning from every incident:
- Acknowledge that past attacks may occur again and prepare for them.
- Embrace new and updated technologies that are equipped to handle potential attacks.
- Establish strong plans to effectively combat and manage response to attacks.
The enterprise can be well-prepared to embrace the Internet of Things from a security perspective, and in many ways, it already is prepared. By maximizing the impact of existing tools, evaluating the security reporting structure, monitoring important assets, and learning from previous experiences, companies can fully and securely experience these exciting new technologies.