Gowitek
Uploaded on Aug 14, 2019
Category
Technology
IoT security Compliance is an absolute necessity in this day and age. Factors such as testing, remote patching, data protection and more must be considered during the development phase. Here is a complete list of compliance checklist.
Category
Technology
IoT security Compliance Checklist
IoT security
Compliance
Checklist
Introduction
• Any hack into an IoT Network can make bring a business to
a complete standstill, and this can lead to a loss in brand
loyalty, revenue, and more.
• The average cost of a cyber attack for enterprises grew
from $1.2 million in 2016 to $1.3 million in 2017. That’s 10
times higher than the $117K cost of a breach for SMBs.
Components of IoT
Security Compliance
Framework:
Businesses need to ensure that their compliance
framework takes into consideration the following
factors in security audit checklist:
Product/Device Life Cycle:
• Security needs due consideration right from
inception stage of the product life cycle. Security
considerations should be embedded in design as
well as the functionality of an IoT device.
• A sound security compliance framework must
closely monitor who can access specific devices
and what actions a device is allowed to
perform.
Components of IoT Security
Compliance Framework:
Authorization and Authentication:
• Authority implies role-based access controls over
functionalities of an IoT product. This limits access in multi-
user products and mitigates risk.
• The security framework must allow only for authenticated
devices to connect with each other.
Components of IoT
Security Compliance
Framework:
Data Protection:
• All IoT Products must limit the data that they
collect so that there is a lower chance of data
breach.
• Manufacturing organizations also need to
provide visibility about the data they are
collecting and why it is crucial.
Components of IoT
Security
Compliance
Framework:
Testing:
• Testing must include
physical testing,
digital testing, and
Third party testing.
• Continual testing
followed by relevant
patching is a must.
Components of IoT
Security Compliance
Framework:
Flexibility:
• IoT Security must be flexible enough to
accommodate new tools and guidelines in
the industry.
• An essential way of doing so is making
software updates as automated as possible.
Components of
IoT Security
Compliance
Framework:
Remote patching:
• IoT products must come with
Remote Patching
functionality for improved
user experience.
• This can help save thousands
of dollars spent on product
recall or vendor services.
Components of
IoT Security
Compliance
Framework:
Intrusion Detection:
• The platform must be able to
provide insights such as
anomalies in the traffic
pattern, malicious behavior
through behavioral analytics.
• Any divergence from normal
behavior can trigger alerts to
required parties, giving them
appropriate leads on action
required.
Comments