If you’re setting up an IoT environment, test and assess it from end to end. “A typical IoT framework consists of edge devices like sensors, adapters, beacons etc.; a gateway to communicate with these devices; and a back-end server in the cloud or on premise,” says Mandeep Khera, CMO of Arxan. “Companies need to take each section separately and start addressing security issues for each. For example, have a security pen test to find out if end-point devices can be hijacked and exploited by hackers.“
Taking over an existing IoT infrastructure? Know what you’re getting into, says Jerry Irvine, CIO of Prescient. “All devices should be documented, along with the version of their firmware and applications. Once documented, each device’s hardware, firmware, and applications should be reviewed to assure they are up-to-date, and to define all known vulnerabilities.”