IoT security challenges include weak authentication and authorization protocols, insecure software, firmware with hard-coded backdoors, poorly designed connectivity and communications, and little to no configurability. Many devices were developed around chunks of commonly available and largely untested code, compounding security vulnerabilities across thousands of devices sold through dozens of manufacturers. And to make matters worse, IoT devices are often “headless,” with limited power and processing capabilities. This not only means they can
For the enterprise, we recommend a three phase approach to security based around learning what is on your network, dividing the network into separated segments, and then implementing appropriate security that provides critical protections without compromising functionality and interoperability.