12 ways companies should improve their data security in the age of IoT (Part 1)

Ngoc Huynh

As our world gets more and more connected, consumers and businesses alike must think fast about how they protect important information.

In particular, there’s a burden on businesses that work in and around the Internet of Things (IoT) to ensure that they’re serving their customers’ best interests by taking every measure to protect sensitive information.

To learn more about how to adapt security measures considering the complexity of today’s technologies, I asked a group of entrepreneurs from YEC the following question: How should companies ramp up their data security as the Internet of Things grows?

Have backups in place

As security hazards evolve, so must security measures. I don’t think it’s just about protection; it’s about having backups to restore your info in case your systems need to be rebooted. That’s something you need to invest in.

Plan and protect for a security breach

Russell KommerWith the growth of the IoT, chances of a security breach continue to rise. Sure, you would like to keep this from happening to your company, but the goal is to limit the damage in the event this does happen. You can do this by keeping a backup in case of a breach, installing endpoint protection software, and keeping your system up to date with security fixes. If you have any questions, consult an expert.

Add a web application firewall and real-time backups

syed BalkhiAt the current state of internet security, I think every business should add a Web Application Firewall (WAF) for their websites. I’m talking about services like CloudFlare and Sucuri which help protect you against DDoS attacks, XSS vulnerabilities, and other vectors of attacks. You should also keep real-time backups of your website, customer data and everything else. This is the best fall-back plan and allows you to recover from any data loss during the attack.

Remain secure, vigilant and resilient

Marcela DeVivoThese three principles should be first and foremost for companies as they think about cybersecurity. These principles focus on prevention and taking control of the many layers of data produced by a company. Being vigilant is a matter of continual monitoring to make sure systems are still secure. Being resilient includes being able to quickly address and recover from threats. Allocating budget and creating awareness to the potential risks and threats will help create a culture of security, whereby management at all levels is aware of the potential risks and has a program to test and execute security. Employing hackers to find the potential dangers should be considered as a proactive way to address security before breaches happen.

Have a two-step verification process

Having a two-step verification process adds another layer of protection for data, which is essential when there are so many devices now being connected together with the same username and password. Longer passwords are also part of this extra security measure, making it more difficult to compromise the system

Encrypt everything

The IoT will lead to the omnipresence of smart, connected devices. It’s impractical to determine the trustworthiness of every single device that data might pass through or be stored on, even those within firewalled networks. The solution is to ensure that all data, both at rest and in transit, is encrypted. Trust will move from the level of the network to the device or individual. Only people with the authentication credentials or a pre-verified device will have access to data that is encrypted unless it’s being actively used. We’re already seeing something of how this will work with Google’s BeyondCorp initiative, which dispenses with the idea of a secure network perimeter to an internal trusted network. Access depends only on the device and the user authentication

Share the news now

Source : https://thenextweb.com