The security of Internet of Things (IoT) devices, especially those intended for consumer use, tends to fall on a spectrum between "serious concern" and "industry joke." Yet the fact is that a growing number of employees have various IoT devices in their homes — where they also could be connecting to an enterprise network to do their work. And that means significant threats loom, both to and through the IoT.
Some threats attack the unique nature of IoT devices. Others take aim at the application ecosystem surrounding them. Still others are the result of configuration errors that stem from user inexperience or system limitation. In any case, each threat can lead to loss of privacy, loss of control, or recruitment of the devices into a network controlled by someone other than the owner.
Industrial IoT devices are subject to the same ills. When considered alongside the IoT systems owned by employees, they represent a second major threat surface.
So how do you protect against this dual front of security risks? Each vulnerability has a particular remediation, but there's one overarching them: Treat IoT devices and systems like the computers they are. When the same expectations and discipline are applied to the IoT as to commercial computing systems, vulnerabilities begin to be closed.
Have you built an IoT system for a residence? How did you secure the devices? Are you dealing with IoT systems at your employees' homes? How much responsibility for security do you take? Share your thoughts in the comments, below.
Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Early bird rate ends August 31. Click for more info.
Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio