Over the past few posts, we’ve discussed the Internet of Things, the Secret Life of Machines, threats and repercussions related to a world of embedded devices. But how does a company minimize risks and protect its interests?
A good security strategy will go a long way to deflect the attention of all but the most determined hackers. Here are a few techniques that will aid significantly in protecting your embedded devices.
Reduce Attack Surfaces
Because discoverability is the first step with any type of nefarious activity, companies can protect themselves is by simply reducing the number of attack surfaces. Ensuring device password complexity and removing users who leave the company (from your database) are important practices and tools solutions Lynx CyberPRO can remove device discoverability all together.
Create Security Zones
Building automation systems, point-of-sales machines or medical equipment devices should be separated from servers that store sensitive customer or company data. Should a hacker gain access to an embedded device, the problem can be confined and your entire network will not be exposed.
Cover the basics
Since most hacking attacks occur remotely, implementing proper procedures and partnering the right vendor can save a lot of headaches down the road. Your remote access solution should encrypt all communications, provide centralized management and let you define granular user privileges for every employee, technician and vendor in your system.
Document what happens
Make sure you have a way to review activity that occurs during a remote access session. Many VPN connections do not provide extensive auditing capabilities but an enterprise remote access solution, like Remote Control, will maintain complete audit trials of remote sessions, a clear structure for reviewing these reports and centralized logs and audits.
No strategy is completely invincible and even the most seasoned IT professionals can make mistakes. Still, having a multi-faceted strategy in place will protect your devices and act as a deterrent to hackers. Fortunately, many steps are relatively easy to implement and are not cost prohibitive.