{"id":2339,"date":"2020-06-03T11:16:25","date_gmt":"2020-06-03T11:16:25","guid":{"rendered":"https:\/\/davra.com\/?p=2339"},"modified":"2020-06-03T11:16:25","modified_gmt":"2020-06-03T11:16:25","slug":"iot-security-keeping-your-network-in-check","status":"publish","type":"post","link":"https:\/\/davra.com\/iot-security-keeping-your-network-in-check\/","title":{"rendered":"IoT Security: Keeping Your Network in Check"},"content":{"rendered":"

Even though security is a big concern for many companies using IoT devices and networks, it is often left to the last minute to implement the necessary security measures.\u00a0<\/span><\/p>\n

Improved supply chain processing? Check! Process optimisation and automation? Check! Increased inventory management? Check! Network security measures in place? Hmm, maybe don\u2019t \u201ccheck\u201d it until we\u2019ve actually checked it out!\u00a0<\/span><\/p>\n

Network security is often an afterthought in many organisations due to the intangible benefits it brings to the organisation, or else it\u2019s given thought when it\u2019s too late. But we here at Davra love a good plan, and believe what gets measured gets managed. So even if you\u2019ve nailed your supply chain processes and predictive maintenance <\/span>(perhaps link to the blog post?) <\/span>it\u2019s imperative that you include security as part of the overall IoT implementation network.\u00a0\u00a0<\/span><\/p>\n

In this blog post, we\u2019ll be discussing the steps your organisation can take to mitigate any security risks your network may be subject to.\u00a0<\/span><\/p>\n

Security Is A Group Effort\u00a0<\/strong><\/h2>\n

While it pays to have a good security system in place to combat hacks and errors, your team and employees play a massive part in ensuring the company networks remain impenetrable.<\/span><\/p>\n

Following routine penetration testing checks, along with regular employee training will maintain a healthy system and decrease the risk of infiltration.\u00a0<\/span><\/p>\n

An important and often overlooked method of network security is checking your authentication methods. Remember to check that each IoT device has its own unique ID that can be authenticated when the device attempts to connect to a central server or gateway. That way if a device is not communicating securely, its ID can be tracked and its privileges revoked to ensure it doesn\u2019t do any harm.\u00a0<\/span><\/p>\n

Various authentication measures such as multi-factor authentication (inherence – biometrics, knowledge and possession), 2-factor authentication and 2-step verification are also incredibly important for employees to keep secure. Updating these private layers of defence frequently means that even if a password is compromised, there is another level that hackers won\u2019t be able to intercept.\u00a0<\/span><\/p>\n

New IoT Security Framework – ReSIoT & Edge Computing\u00a0<\/strong><\/h2>\n

The researchers at IEEE have come together to assess current security attributes of IoT devices, and have now come up with a new solution and possible framework for going forward. Up until now, IoT security involved access control and authenticated key exchange for communications. Rather than getting the individual IoT devices to control all of the perhaps more complicated security processing requirements to gain access, they are now suggesting installing a security box, or security management component at a nearby edge.\u00a0<\/span><\/p>\n

This would then handle all of the throughput and intensive security tasks that the devices themselves cannot cope with. These edge boxes or routers will then handle the cryptographic and heavy keys, and will also allow for more scalability in the security network. This will free up the IoT devices to work as normal.\u00a0<\/span><\/p>\n

As well as employing these new security measures, it is still highly important to ensure you use data encryption methods. Firewalls, secure sockets layer protocols (SSL) as well as wireless protocols will protect your IoT web applications.\u00a0<\/span><\/p>\n

Business Operations & Compliance\u00a0<\/strong><\/h2>\n

Depending on the type of business you operate, your security and risk protocols will vary. If you are involved in the financial services, you may need to take PSD2 and MiFID 2 in the EU into account.\u00a0<\/span><\/p>\n

Other important mandates to consider are:<\/span><\/p>\n

\u2022 PCI DSS: Payment Card Industry Data Security Standard aims to increase the security of credit cards and that all companies dealing with online payments have the correct security measures in place.\u00a0<\/span><\/p>\n

\u2022 GDPR: The General Data Protection Regulation is an EU law concerning data protection and privacy. If you are within the EU, or transfer information outside of the EU, you will need to be compliant with this law.\u00a0<\/span><\/p>\n

\u2022 GLBA: The Gramm-Leach-Bliley Act is a US federal law ensuring financial information holders protect and share their customers\u2019 information appropriately.\u00a0<\/span><\/p>\n

Your company needs to ensure it first of all has the correct procedures in place for laws such as these, and also that your IoT devices encompass these laws.<\/span><\/p>\n

When making the smart decision to invest in IoT devices for your organisation, checking that the network, data, systems and devices are not corrupt and have the correct security measures in place will save you a lot of hassle and potential infiltration down the line. If you would like to chat to us about implementing the correct IoT security procedures, <\/span>why not <\/span>contact us<\/span><\/a> to put the right measures in place.\u00a0\u00a0<\/span><\/p>\n

Author<\/strong><\/h2>\n

Brian McGlynn, Davra, COO<\/p>\n

Connect on Linkedin<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Even though security is a big concern for many companies using IoT devices and networks, it is often left to the last minute to implement the necessary security measures.\u00a0 Improved supply chain processing? Check! Process optimisation and automation? Check! Increased inventory management? Check! Network security measures in place? Hmm, maybe don\u2019t \u201ccheck\u201d it until we\u2019ve […]<\/p>\n","protected":false},"author":6,"featured_media":2362,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"yst_prominent_words":[2271,2272,2268,2264,2273,84,53,77,830,2274,2266,836,2269,1098,2278,2267,2265,2279,2277,2270],"_links":{"self":[{"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/posts\/2339"}],"collection":[{"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/comments?post=2339"}],"version-history":[{"count":0,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/posts\/2339\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/media\/2362"}],"wp:attachment":[{"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/media?parent=2339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/categories?post=2339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/tags?post=2339"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/davra.com\/wp-json\/wp\/v2\/yst_prominent_words?post=2339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}