Pam Baker of Security Boulevard asks things enterprises can do to better secure their IoT.
Know your network. Know what IoT devices are on the network, and what their vulnerabilities are, so you can make a smart defense plan. “For example, if we have an old MRI machine that runs XP, we can’t get rid of that, but if we track the vulnerabilities, we can create a plan to mitigate them,” says Jason McNew, founder and CEO of Stronghold Cyber Security and an Air Force veteran who previously worked for the White House Communications Agency/Camp David for 12 years, where held one of highest security clearances known as the “Yankee White.” “Sandboxing. Use VLAN’s, ACL’s, firewalls, and physical separation if possible to keep IoT devices in their own network realm. Design your IoT like a guest network, and trust nothing.”
Lock down your switch ports. “Since the majority of IoT devices don’t have any form of network authentication built in, and certainly cannot use advanced security mechanisms such as Kerberos or 802.1x, lock your switch ports down on a per-device basis. This will help prevent unauthorized devices from being plugged into your network,” McNew says.
The full article can be viewed at: https://securityboulevard.com/2017/10/listicle-7-strategies-secure-enterprise-iot/