The Internet of Things botnet ‘Mirai’ has been discovered as the open-door for future assaults to come, which could be even more severe, as a leading security research report warns.
Mirai was found to power the largest DDoS attack ever, with a total of 620Gbps DDoS against KrebsOnSecurity.
With so much attention on IOT security here is a list of 5 ways businesses need to adapt to security strategies for IoT devices.
- Research devices
It may be seem like a basic step, but surprisingly it is one many forget to take. Many expect devices to have security implemented in them from the manufacturing stage so therefore; feel there may be no need for double-checking.
Whether security is implemented or not, it is a key implementation to understand the security that comes with the device, any relevant updates needed and so forth.
What type of security does the device have?
How long will the security last and how regularly should it be updated?
Is it password protected?
These and other questions are what should be considered when researching the security features of any device.
- Assess Risk
Risk assessments are essential for any security software, and particularly for IoT devices where security may or may not be baked in during the manufacturing process- undertake a review of the relevant risks that are likely to arise following any threats/ or attacks on the devices.
Assess the risk between networks and communication protocols used. Businesses should identify the security vulnerabilities that the device may encounter when interacting with any application, database or network.
Identifying how much data the device can generate will allow businesses to have awareness of what can and cannot be saved on any device.
- Trust
From the beginning of the device production, secure design is a key factor which should be implemented. A clear understanding of the threats to devices is crucial for there to be trusted software implementation installed into all devices.
Digital trust is another key aspect for businesses to implement data protection, when data transfer takes place it is essential for an indication of trust to be demonstrated.
- Educate system users
Business owners and or IT teams within the business should take pride in educating users of IoT technologies on their potential risks.
Unfamiliarity of security risks is a key finding that may be a factor for the opening access of security threats and hacks. If users are made aware of the increase of potential phishing and social engineering attacks, it may lessen the risk of attacks entering business devices.
- IoT security strategy setup
Finally, establish a business security strategy and policies. Research from an AT&T survey shows that 68 percent of respondents say their companies plan to invest in IoT in 2016.
This shows the importance of a defined security strategy in support of the addition of the Internet of Things.
The networks used, communication and all other relevant aspects should be reviewed within the security strategy in order to minimise risks.
