/0

Privacy by design and other IoT security best practices

Source:  Twitter

Achieving adequate IoT security may prove challenging to many organizations, but luckily SearchCIO followers were on hand during our #CIOChat to dole out security best practices for IT professionals to follow.

As Mark Lorion, CMO at Apperian Inc., stated, one way to ensure better IoT security is by developing secure applications and content for IoT devices. If the apps are secure, that puts less of a security burden on the IoT devices themselves, Lorion suggested.

But that's just the beginning. Ales Teska, founder of TeskaLabs Specifics, got technical with his response to the question of IoT security best practices, listing specific IT operations that serve as a good defense:

Beyond that, Pictographics Inc. President Harvey Koeppel, suggested that IT teams need to develop entirely new architecture and governance models for IoT security.

Security and privacy by design

One thing that nearly all #CIOChat participants could agree on is that IT teams must integrate security measures early in the design stages of IoT systems, or privacy by design. Building upon a secure framework is always easier and more efficient than attempting to tack on security retroactively, according to Bryan Katz, director of EUC Mobility Strategy at VMware.

An FTC report from earlier this year on IoT security also highlights the importance of imbedding security into IoT devices from the start -- something they call "security by design." In addition, the report advised companies to enact risk assessments, change default passwords, use employee training and a layered approach to defense. None of that counsel is revolutionary in today's era of data breaches, but no measure is too small when it comes to securing IoT.

Cybersecurity enthusiast Monika Hathaway, reinforced this point of security (and privacy) by design, but some doubted whether it would happen:

View All Photo Stories