Securing IoT devices to maximise their value

Issue 7 2022 Infrastructure, Information Security

Amritesh Anand.

The Internet of Things (IoT) offers numerous opportunities for businesses to gain new insight, streamline processes and leverage additional sources of data. However, anything that is connected to the Internet is a potential security vulnerability, and IoT devices are increasingly targets through which cybercriminals infiltrate networks.

Any connected device must be adequately protected as part of an overall security strategy, and to help businesses leverage the value of IoT data for analytics. Beyond that, the right IT partner and effective KPIs and execution strategy can help businesses gain more control over critical data and these intricate assets.

A growing market

The South African IoT market is estimated to grow at a CAGR of 20,96% through 2025. While IoT has many applications, it is seeing significant growth in manufacturing, transportation, healthcare, retail, energy and utilities, and the residential market. Digital transformation in the manufacturing industry and the implementation of smart manufacturing is further fuelling the South African IoT market.

This growth is being driven by the rise of artificial intelligence and big data, as well as rapid increases in the use of smart devices across industries, including the home. Smart, connected IoT devices are being used in many areas, including asset tracking, connected vehicles, smart metering for power and utilities, IoT-based goods condition monitoring in transit, predictive maintenance and more. However, security issues remain a concern and a challenge for the implementation of IoT.

Risky business

As the use of IoT devices grows, so too do the risks associated with them, and as more devices are connected, the potential attack surface widens. IoT devices are prone to vulnerabilities and are often used in malicious exploits, and this risk needs to be mitigated. However, patching, upgrades and maintenance can be challenging if this is not automated, due to the sheer volume of connected devices that must be managed. The ever-present skills gap also comes into play as there is a shortage of resources with the skills required to secure and manage IoT devices.

IoT devices present an overly large attack surface and have inherent application vulnerabilities, but often organisations also have incorrect access control and insufficient physical security. Addressing these issues is essential in ensuring that the value of IoT can be maximised while the threats connected devices present are minimised.

Securing IoT

There are a number of best practices that can be put into place to secure IoT devices, including device discovery for complete visibility, network segmentation for stronger defence, secure password practices, automated patching and firmware updating, and active monitoring of all IoT devices at all times.

Poor IoT device management is an ongoing problem that requires a vulnerability management solution to deliver constant and periodic security checks on vulnerabilities, firmware updates, alerting and reporting. In addition, many IoT security solutions include hardware-based and virtual firewalls, device identification tools, and other tools designed to provide visibility and protection for unmanaged IoT devices, to curb the threat of malicious traffic and attempted breaches.

A managed IoT security solution is often an effective option to ensure that weak points in connected devices and the servers, APIs and cloud services that interact with them can be identified and addressed to mitigate risk and vulnerability.

Remote monitoring and managed services are key

Remote monitoring is an essential tool to monitor the health of IoT assets, generate automated alerts and notifications, track equipment, and monitor performance and usage. Proactive monitoring also enables predictive maintenance to ensure assets are always functioning optimally and never break down.

IoT security ensures the availability, integrity and confidentiality of your IoT solution. IoT security tools protect from threats and breaches, identify and monitor risks, and can help fix vulnerabilities. With the lack of currently available skills, a trusted IT partner offering a managed IoT security service is essential to securing the IoT, mitigating risk, effectively managing assets, and maximising the value of IoT for business benefit.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Smart mining operations management
Mining (Industry) Infrastructure IoT & Automation
In his presentation at the recent MESA Africa conference, Neels van der Walt, Business Development Manager at Iritron, revealed the all-encompassing concept of SMOM (Smart Mining Operations Management) and why it is inextricably linked to the future of worldwide mining operations.

Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Cyber resilience – protect, defend, recover
The challenge with AI is that threats are getting harder to detect. As a result, plans in 2024 are not just about detection and prevention, but about recovery.

Powering business resilience and field operations
Infrastructure Products & Solutions
[Sponsored] The Anker 757 Portable Power Station emerges as a strategic asset for businesses looking to overcome power instability and the demand for operational efficiency in remote and field-based environments.

Top bets for backup and business continuity
Become your organisation’s data pioneer and spearhead data governance and protection of critical data. Challenge why best practices are not adopted or in place, while highlighting the inherent risks this poses.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.