Connect with us

TECHNOLOGY

6 IoT Security Tips to Protect Your Devices from Cyber Threats

Published

on

6 IoT Security Tips to Protect Your Devices from Cyber Threats

Are your IoT security measures strong enough to ward off potential cyber threats?

If not, it’s time to level up your IoT security to protect your devices better. 

Data shows that IoT device cyberattacks shot up in 2018 and reached an all-time high of 300% the following year. 

The figure continues to grow as more users, organizations, and companies turn to IoT devices. 

The big question now is, how do you improve the security of these devices and assets in your company and keep them safe from cyber threats?

Advertisement

While there isn’t a 100% foolproof way to protect your devices from cyberattacks, there are IoT security best practices you can implement to fortify your defenses. 

Continue reading to find out more about the six cybersecurity tips to protect your IoT devices from cyber threats to ensure a more secure environment across your corporate network.    

IoT_Security-_A_Quick_Overview.png

IoT Security: A Quick Overview

Internet of Things security, or IoT security, is the protection measures and safeguards for network-based or internet-connected devices, including security cameras, home automation, and Supervisory Control and Data Acquisition (SCADA) machines. 

IoT security aims to protect internet devices and their connected networks from breaches and threats by identifying, monitoring, and protecting against attacks while addressing vulnerabilities that pose security risks. 

Robust IoT security measures help prevent attackers from stealing data, compromising the rest of your network, and launching other cyberattacks. 

IoT security is in the hands of device manufacturers, developers, and owners to ensure effective protection against cyber threats.

Advertisement

Best Practices for Implementing IoT Security

4 Common Problems With IoT Devices and How To Fix Them

Keep your IoT devices secure from cyber threats and address potential vulnerabilities with these security tips. 

1. Research Before Buying IoT Devices

A vital step to secure your IoT devices is to research before purchasing. 

Review the product or device’s security controls before buying. 

Not all IoT products include robust security, which means they can be easy to breach and infect with malware.

For example, products such as WiFi routers can come with security issues, which can expose your IoT devices to attackers.   

Ensure the IoT product allows you to configure the security settings, such as the default password, to strengthen the device’s protection from potential cyber threats. 

Advertisement

2. Implement Secure Data and Access Control Management

Configure and design IoT device data management and authentication from the get-go, including the following essential factors. 

  • Remote access. Establish security measures to protect and segment your live systems from testing environments. Doing so makes it harder to breach or take down everything if attacked. 

Also, protect your WiFi networks using WPA2 or WPA3 encryption. 

  • Authentication. Create authentication protocols for your data (transmitted and stored), devices, and systems. Implement robust authentication measures so only authorized users with the proper credentials can access your device settings and data.  
  • Ensure end-to-end security. Take a more comprehensive IoT security approach to help address the whole lifecycle across data transmission, collection, access, storage, use, and deletion, covering all bases.   
  • Limit permissions. Deploy only necessary admin access limits to help prevent unauthorized users from accessing your data and IoT devices. Allow users in your organization to only access what they need to perform their roles. 
  • Minimize the data you collect and store. Limit the personal data you collect and keep only those necessary for a specific time. Doing so helps avoid confidential data breaches accessed through your IoT devices.  

3. Ensure Regular Device Updates

Out-of-date IoT devices don’t have the security patches that devices with newer versions do. 

These can become potential attack vectors that hackers can use to infiltrate your networks and systems to steal confidential data. 

Regularly update your IoT devices to ensure their firmware and software have the latest bug fixes and security patches.  

Enable the device’s auto-update feature (if available), so you won’t need to do it manually. 

Also, regularly check your devices to see if they need updating. 

4. Turn off Unnecessary or Unused Features

You’re not likely to monitor IoT device features you don’t need, which can pose cybersecurity risks. 

Advertisement

The key is to disable the IoT device functions and features you don’t use or need to reduce potential vulnerabilities.  

Turn off features, such as open serial ports, unencrypted communications, TCP/UDP ports, unsecured radio connections, open password prompts, and anywhere attackers can carry out code injections, including a database or web server. 

5. Create an IoT Device Inventory

Keep track of the IoT devices (and device types) connected to your network. 

Maintain a detailed and updated inventory of all your connected assets. 

Tracking your IoT assets gives you a clear picture of everything connected to your network and systems, helping you spot and remedy security issues promptly and appropriately. 

Always keep your asset inventory up-to-date with every new IoT device connected to your network. 

Advertisement

At a minimum, your IoT asset inventory should include the model and manufacturer ID, current software and firmware versions, and the device’s serial number for easy tracking and management.  

6. Segment Your Network

An unsegmented network means that nothing is barricaded. 

Each endpoint communicates with another, so if attackers breach your firewall, they have access to everything. 

On the other hand, a segmented network is walled off in sections, making it harder for hackers to move around. 

Divide your network into multiple subsections. Doing so gives you granular control over the lateral movement of traffic across your devices and workloads. 

Use next-generation firewall policies and Virtual Local Area Network (VLAN) configurations to deploy network segments separating your IoT devices from your IT assets. 

Advertisement

This way, you can better protect your IT assets and IoT devices and keep attackers from exploiting your network laterally to carry out attacks. 

Strengthen your IoT Security to Safeguard your Assets

A solid IoT security policy and protection measures can help you mitigate risks, address vulnerabilities, and strengthen your defenses against cyber threats.

Take a proactive security approach to secure your IoT devices and, in turn, your networks, systems, and business-critical data.  

While there is no one-size-fits-all solution for keeping your IoT devices and assets secure, you can follow time-tested tips, use reliable tools, and continuously review and improve your security policies and strategies for better protection.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

TECHNOLOGY

Next-gen chips, Amazon Q, and speedy S3

Published

on

By

Cloud Computing News

AWS re:Invent, which has been taking place from November 27 and runs to December 1, has had its usual plethora of announcements: a total of 21 at time of print.

Perhaps not surprisingly, given the huge potential impact of generative AI – ChatGPT officially turns one year old today – a lot of focus has been on the AI side for AWS’ announcements, including a major partnership inked with NVIDIA across infrastructure, software, and services.

Yet there has been plenty more announced at the Las Vegas jamboree besides. Here, CloudTech rounds up the best of the rest:

Next-generation chips

This was the other major AI-focused announcement at re:Invent: the launch of two new chips, AWS Graviton4 and AWS Trainium2, for training and running AI and machine learning (ML) models, among other customer workloads. Graviton4 shapes up against its predecessor with 30% better compute performance, 50% more cores and 75% more memory bandwidth, while Trainium2 delivers up to four times faster training than before and will be able to be deployed in EC2 UltraClusters of up to 100,000 chips.

The EC2 UltraClusters are designed to ‘deliver the highest performance, most energy efficient AI model training infrastructure in the cloud’, as AWS puts it. With it, customers will be able to train large language models in ‘a fraction of the time’, as well as double energy efficiency.

Advertisement

As ever, AWS offers customers who are already utilising these tools. Databricks, Epic and SAP are among the companies cited as using the new AWS-designed chips.

Zero-ETL integrations

AWS announced new Amazon Aurora PostgreSQL, Amazon DynamoDB, and Amazon Relational Database Services (Amazon RDS) for MySQL integrations with Amazon Redshift, AWS’ cloud data warehouse. The zero-ETL integrations – eliminating the need to build ETL (extract, transform, load) data pipelines – make it easier to connect and analyse transactional data across various relational and non-relational databases in Amazon Redshift.

A simple example of how zero-ETL functions can be seen is in a hypothetical company which stores transactional data – time of transaction, items bought, where the transaction occurred – in a relational database, but use another analytics tool to analyse data in a non-relational database. To connect it all up, companies would previously have to construct ETL data pipelines which are a time and money sink.

The latest integrations “build on AWS’s zero-ETL foundation… so customers can quickly and easily connect all of their data, no matter where it lives,” the company said.

Amazon S3 Express One Zone

AWS announced the general availability of Amazon S3 Express One Zone, a new storage class purpose-built for customers’ most frequently-accessed data. Data access speed is up to 10 times faster and request costs up to 50% lower than standard S3. Companies can also opt to collocate their Amazon S3 Express One Zone data in the same availability zone as their compute resources.  

Companies and partners who are using Amazon S3 Express One Zone include ChaosSearch, Cloudera, and Pinterest.

Advertisement

Amazon Q

A new product, and an interesting pivot, again with generative AI at its core. Amazon Q was announced as a ‘new type of generative AI-powered assistant’ which can be tailored to a customer’s business. “Customers can get fast, relevant answers to pressing questions, generate content, and take actions – all informed by a customer’s information repositories, code, and enterprise systems,” AWS added. The service also can assist companies building on AWS, as well as companies using AWS applications for business intelligence, contact centres, and supply chain management.

Customers cited as early adopters include Accenture, BMW and Wunderkind.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

TECHNOLOGY

HCLTech and Cisco create collaborative hybrid workplaces

Published

on

By

Cloud Computing News

Digital comms specialist Cisco and global tech firm HCLTech have teamed up to launch Meeting-Rooms-as-a-Service (MRaaS).

Available on a subscription model, this solution modernises legacy meeting rooms and enables users to join meetings from any meeting solution provider using Webex devices.

The MRaaS solution helps enterprises simplify the design, implementation and maintenance of integrated meeting rooms, enabling seamless collaboration for their globally distributed hybrid workforces.

Rakshit Ghura, senior VP and Global head of digital workplace services, HCLTech, said: “MRaaS combines our consulting and managed services expertise with Cisco’s proficiency in Webex devices to change the way employees conceptualise, organise and interact in a collaborative environment for a modern hybrid work model.

“The common vision of our partnership is to elevate the collaboration experience at work and drive productivity through modern meeting rooms.”

Advertisement

Alexandra Zagury, VP of partner managed and as-a-Service Sales at Cisco, said: “Our partnership with HCLTech helps our clients transform their offices through cost-effective managed services that support the ongoing evolution of workspaces.

“As we reimagine the modern office, we are making it easier to support collaboration and productivity among workers, whether they are in the office or elsewhere.”

Cisco’s Webex collaboration devices harness the power of artificial intelligence to offer intuitive, seamless collaboration experiences, enabling meeting rooms with smart features such as meeting zones, intelligent people framing, optimised attendee audio and background noise removal, among others.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: Cisco, collaboration, HCLTech, Hybrid, meetings

Source link

Advertisement
Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

TECHNOLOGY

Canonical releases low-touch private cloud MicroCloud

Published

on

By

Cloud Computing News

Canonical has announced the general availability of MicroCloud, a low-touch, open source cloud solution. MicroCloud is part of Canonical’s growing cloud infrastructure portfolio.

It is purpose-built for scalable clusters and edge deployments for all types of enterprises. It is designed with simplicity, security and automation in mind, minimising the time and effort to both deploy and maintain it. Conveniently, enterprise support for MicroCloud is offered as part of Canonical’s Ubuntu Pro subscription, with several support tiers available, and priced per node.

MicroClouds are optimised for repeatable and reliable remote deployments. A single command initiates the orchestration and clustering of various components with minimal involvement by the user, resulting in a fully functional cloud within minutes. This simplified deployment process significantly reduces the barrier to entry, putting a production-grade cloud at everyone’s fingertips.

Juan Manuel Ventura, head of architectures & technologies at Spindox, said: “Cloud computing is not only about technology, it’s the beating heart of any modern industrial transformation, driving agility and innovation. Our mission is to provide our customers with the most effective ways to innovate and bring value; having a complexity-free cloud infrastructure is one important piece of that puzzle. With MicroCloud, the focus shifts away from struggling with cloud operations to solving real business challenges” says

In addition to seamless deployment, MicroCloud prioritises security and ease of maintenance. All MicroCloud components are built with strict confinement for increased security, with over-the-air transactional updates that preserve data and roll back on errors automatically. Upgrades to newer versions are handled automatically and without downtime, with the mechanisms to hold or schedule them as needed.

Advertisement

With this approach, MicroCloud caters to both on-premise clouds but also edge deployments at remote locations, allowing organisations to use the same infrastructure primitives and services wherever they are needed. It is suitable for business-in-branch office locations or industrial use inside a factory, as well as distributed locations where the focus is on replicability and unattended operations.

Cedric Gegout, VP of product at Canonical, said: “As data becomes more distributed, the infrastructure has to follow. Cloud computing is now distributed, spanning across data centres, far and near edge computing appliances. MicroCloud is our answer to that.

“By packaging known infrastructure primitives in a portable and unattended way, we are delivering a simpler, more prescriptive cloud experience that makes zero-ops a reality for many Industries.“

MicroCloud’s lightweight architecture makes it usable on both commodity and high-end hardware, with several ways to further reduce its footprint depending on your workload needs. In addition to the standard Ubuntu Server or Desktop, MicroClouds can be run on Ubuntu Core – a lightweight OS optimised for the edge. With Ubuntu Core, MicroClouds are a perfect solution for far-edge locations with limited computing capabilities. Users can choose to run their workloads using Kubernetes or via system containers. System containers based on LXD behave similarly to traditional VMs but consume fewer resources while providing bare-metal performance.

Coupled with Canonical’s Ubuntu Pro + Support subscription, MicroCloud users can benefit from an enterprise-grade open source cloud solution that is fully supported and with better economics. An Ubuntu Pro subscription offers security maintenance for the broadest collection of open-source software available from a single vendor today. It covers over 30k packages with a consistent security maintenance commitment, and additional features such as kernel livepatch, systems management at scale, certified compliance and hardening profiles enabling easy adoption for enterprises. With per-node pricing and no hidden fees, customers can rest assured that their environment is secure and supported without the expensive price tag typically associated with cloud solutions.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Advertisement

Tags: automation, Canonical, MicroCloud, private cloud

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending

Follow by Email
RSS