INFOGRAPHIC
•
•
•
•
•
Monetary damages
Lost productivity
Legal/compliance penalties
Lost reputation
Stock price
Meanwhile, although the top tier enterprises
experienced some security missteps, an
overwhelming majority reported no costs
associated with those missteps.
Top tier enterprises attributed their security
successes to these practices:
•
•
•
•
•
Encrypting sensitive data
Ensuring integrity of data in transit
Scaling security measures
Securing over-the-air updates
Securing software-based encryption
key storage
“
SECURITY AND
PRIVACY TOPPED
THE LIST OF
CONCERNS FOR
IOT PROJECTS,
WITH 82% OF
RESPONDENTS
STATING THEY
WERE SOMEWHAT
TO EXTREMELY
CONCERNED
ABOUT SECURITY
CHALLENGES.
www.intelligentcio.com
“When it comes to accelerating
implementations of IoT, it’s vital for
companies to strike a balance between
gaining efficiencies and maintaining security
and privacy,” Nelson said. “This study shows
that enterprises implementing security best
practices have less exposure to the risks
and resulting damages from attacks on
connected devices. Meanwhile, it appears
these IoT security best practices such as
authentication and identity, encryption and
integrity, are on the rise and companies are
beginning to realise what’s at stake.”
Recommendations
The survey points to five best practices to help
companies pursuing IoT realise the same
success as the top tier performing enterprises:
• Review risk: Perform penetration testing
to assess the risk of connected devices.
Evaluate the risk and build a priority list
for addressing primary security concerns,
such as authentication and encryption.
A strong risk assessment will help ensure
you do not leave any gaps in your
connected security landscape
• Encrypt everything: As you evaluate use
cases for your connected devices, make
sure that all data is encrypted at rest and
in transit. Make end-to-end encryption a
product requirement to ensure this key
security feature is implemented in all of
your IoT projects
• Authenticate always: Review all of the
connections being made to your device,
including devices and users, to ensure
authentication schemes only allow trusted
connections to your IoT device. Using
digital certificates helps to provide seamless
authentication with bound identities that
are tied to cryptographic protocols
• Instil integrity: Account for the basics
of device and data integrity to include
secure boot every time the device starts
up, secure over the air updates and the
use of code signing to ensure the integrity
of any code being run on the device
• Strategise for scale: Make sure that
you have a scalable security framework
and architecture ready to support your
IoT deployments. Plan accordingly and
work with third parties that have the
scale and focus to help you reach your
goals so that you can focus on your
company’s core competency n
INTELLIGENTCIO
29