Devices and their management
IoT ecosystems are necessarily made from devices, but the actual control that the security team has over the device is frequently at the mercy of the manufacturer. In B2B relationships, these customer companies frequently have influence over the device manufacturer’s feature roadmap simply due to their purchasing power. This is also true with standard security features.
In order to ensure the security of their device endpoints, it is crucial for organizations to establish security best practice standards for their device manufacturers and create basic controls to ensure that these are being adhered to.
Security features and their accessibility
Given that best practices need to be defined for device security, it’s important to establish what the core features are that we expect from our devices? Each device implementation is of course application specific, however, the following provides a set of features a reasonable security professional can expect of endpoints.