When it comes to IoT, more security is needed
The enterprise angle
While much of the discussion around IoT security revolves around home networks, concern about connected devices has come to the enterprise. That’s why some vendors are starting to respond to the need of companies to manage connected devices more effectively.
Cloud security provider Panda Security and data analytics company Logtrust have integrated their products in a way that lets security managers visualize all the executables a connected device brings on to the network. The new product, Adaptive Defense, also only sends out alerts to confirm an incident as opposed to sending alerts every time a suspicious event takes place.
“If something looks suspicious, Adaptive Defense and the Panda Security analysts will resolve it and will only notify the security manager to confirm that some bad code was found,” says Josu Franco, strategy and technology advisor for Panda Security. “This is a really important point because so many companies can’t find enough people to handle all the incidents. So, by automating and offloading the investigation of suspicious files, it goes a long way to lightening the load for the security staff.”
Franco adds that with all the devices people use today there’s no way security managers can keep track of all the executables on the network. Without a solution like Adaptive Defense or something similar, companies are likely to be overwhelmed by all the devices they have to manage today, he says.
So, whether it’s for the home or at the workplace, people need to look at the connected devices they are using and consider how they are being secured. For all types of consumers, they need to ask to what extent security was built in and if the manufacturer has left instructions on how to update default passwords or even if they use default passwords in the first place. On the home front, consumers need to, at minimum, change the default password on their router. And at the office, security managers must seek out tools that can help them more effectively manage all the connected devices – whether they are used at work during office hours or at a worker’s home – where the IT staff has less control.
Moving forward, users need to ask more questions about their connected devices, deploying only the most trusted of brands. And, above all, device owners must stay vigilant, because it’s just plain scary that offices and homes can be used as a launching pad for an attack that can take down important websites, factories or transportation facilities.