6 Ways Security Integrators Can Help Clients Secure IoT Environments
SecuriThings CEO Roy Dagan explains why integrators are well-positioned to help enterprise customers overcome IoT security challenges.
As more organizations recognize the value of connected devices, enterprise IoT solutions are being rapidly adopted across a broad range of industries, from government agencies and law enforcement to healthcare facilities, transportation, casinos and hotels, educational systems, and many more.
While enterprise IoT adoption slowed in 2020 due to the pandemic, growth is expected from 2021 and on, with enterprise IoT connections expected to reach more than 11 billion by 2024.
This explosive growth is being fueled by decreasing costs of sensors as well as the increasing power of edge and cloud networking, both of which make enterprise IoT solutions more feasible to customers. These solutions are being deployed for traditional security needs, but many enterprises are expanding into post-COVID areas of safety, such as occupancy and remote temperature monitoring.
Vital Cybersecurity Role for Integrators
Companies struggle to find the resources, technology and skills necessary to monitor, manage and secure the hundreds — sometimes thousands — of mission-critical devices their organization deploys. Such devices include security cameras, access control, building management, environmental and energy-saving solutions. This creates an acute cybersecurity risk, as IoT devices are often deployed with default passwords and vulnerable firmware that hackers easily breach.
Beyond security, customers need a broader solution tailored for IoT devices that also provides monitoring, predictive maintenance, and automation.
System integrators are well-positioned to help customers overcome this IoT security challenge. In fact, over the last few years, system integrators have become increasingly involved in the cybersecurity aspects of these deployments, from providing services to systems to various other offerings.
We recommend focusing on six key areas based on our experience as a pioneering IoT Operations (IoTOps) solution and service provider.
Assess IoT security risk — An IoT security assessment examines the customer’s IoT environment and how they stack up against known vulnerabilities. For example, where are these devices deployed? Which types? On which networks? Are devices patched? How frequently? Any other known vulnerabilities? How often are passwords changed? This risk assessment can plug many of the challenges when it comes to cybersecurity.
Select the right systems — System integrators can help customers determine which system will work best for them. Look for the right combination of technical and operational capabilities that align with the customer’s business strategy and plan for growth. Clarify the different systems available in the market and how each can bridge the gap between the IoTOps teams and the IT / SecOps teams.
Ensure security compliance — System integrators should work with their customers to understand which IoT devices are in place and to enforce a high level of security compliance. That means ensuring that devices are always updated with latest firmware versions or at least with no known vulnerabilities, checking that passwords are frequently and uniquely rotated, and verifying that the security configuration of each device follows the organization’s guidelines.
Offer specialized training — Although IoTOps professionals are responsible for the daily operations of IoT devices, they typically are not considered cyber security experts. Providing a level of comfort in the cyber security space is key to their understanding of the needs and the solutions. This will also help them and foster conversations with their IT counterparts. System integrators must ensure their customers prioritize IoT security awareness training and skills development as part of their security roadmap.
Help with policy creation — Today’s IoT devices have more than enough computing power to present serious security risks to the enterprise. Having a company IoT security policy is critical as any device capable of running software presents a risk if that software is transmitting intelligence about the enterprise network. System integrators must work with customers to define a clear IoT security policy that will be an essential part of the cybersecurity posture of the broader organization.
Plan for the future — With the adoption of IoT devices soaring YoY, customers must continuously upgrade their capabilities and technology to ensure these devices do not become a management liability. System integrators can help their customers define a clear plan of action to address any ongoing issues as well as to budget for future needs.
Cybersecurity has become a significant concern for organizations regarding IoT devices as they may be scattered across various networks and dispersed locations — from video surveillance to access control, building management, and other types of devices.
Vendors strive to improve the security of these devices, but it’s ultimately up to the organizations to make sure devices remain secure post-deployment. System integrators can also help here by providing complementary services and support to help customers improve their IoT cybersecurity practices.
Roy Dagan is CEO of SecuriThings, a provider of solutions that enable organizations to protect their IoT devices while maximizing operational efficiency.
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!