10 tips to minimize IoT security vulnerabilities

Security has always been one of the top priority in IoT devices and infrastructure. The Online Trust Alliance has shared 10 tips to minimise IoT security vulnerabilities, specifically for devices which uses Wi-Fi for connectivity.



·         Every password on every device should be updated from the default, and any device that has an unchangeable default password shouldn’t be used at all. Permissions need to be as minimal as possible to allow devices to function.
·         Do your homework – everything that goes on your network, as well as any associated back-end or cloud services that work with it, needs to be carefully researched before it’s put into production.
·         It’s a good idea to have a separate network, behind a firewall and under careful monitoring, for IoT devices whenever possible. This helps keep potentially insecure devices away from core networks and resources.
·         Don’t use features you don’t need – the OTA gives the example of a smart TV used for display only, which means you can definitely deactivate its microphone and even its connectivity.
·         Look for the physical compromise – anything with a hardware “factory reset” switch, open port or default password is vulnerable.
·         Gizmos that connect automatically to open Wi-Fi networks are a bad idea. Make sure they don’t do that.
·         If you can’t block all incoming traffic to your IoT devices, make sure that there aren’t open software ports that a malefactor could use to control them.
·         Encryption is a great thing. If there’s any way you can get your IoT devices to send and receive their data using encryption, do it.
·         Updates are also a good and great thing – whether you’ve got to manually check every month or your devices update on their own, make sure they’re getting patches. Don’t use equipment that can’t get updates.
·         Underlining the above, don’t use products that are no longer supported by their manufacturers or that can no longer be secured.
About OTA

The Online Trust Alliance is an initiative within the Internet Society (ISOC), a global non-profit dedicated to ensuring the open development, evolution and use of the Internet. OTA’s mission is to enhance online trust, user empowerment and innovation through convening multi-stakeholder initiatives, developing and promoting best practices, ethical privacy practices and data stewardship. https://otalliance.org/ https://internetsociety.org.

For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
SHARE
    Blogger Comment
    Facebook Comment

0 comments: