Security Essentials for IoT Success

Jamie Brown

This edition of Software Confidential is by Jamie Brown, Director of Global Government Relations at CA Technologies. Jamie focuses on global cybersecurity, cloud computing and data privacy policy issues.

Secure IoT with DevSecOps.

Organizations need to build security into their Internet of Things devices at the design phase. This approach is called “secure DevOps” or DevSecOps. A DevSecOps approach to IoT software should involve employing secure development processes that utilize a range of practices, tools and procedures, to minimize potentially harmful software vulnerabilities.

Secure the Identity of Things.

Identity is a key security concern for the Internet of Things. Every IoT device has at least one identity associated with it—and there are billions of devices. Every single IoT identity needs to be authenticated, to make sure the integrity of any data being transmitted is maintained. Relevant identity management and authentication services can be deployed on premise or delivered over the cloud.

Secure Privileged IoT Access.

Many of the identities associated with IoT devices are administrator logins that come with privileges to make significant changes. Privileged access management technology should be used to ensure these accounts are managed with appropriate access controls. These technologies can leverage risk factor and behavioral analytics to heighten security in a way that minimizes friction for end users.

By Jamie Brown | 06 Dec 2017