As companies look to leverage the immense benefits of smart, connected products and the Internet of Things (IoT), Security of the IoT cloud has become a topic of significant interest. The challenges surrounding securing connected devices in the cloud are not something that can be taken lightly.

 

In his latest LiveWorx blog, Tom Rassmann, Vice President, PTC Cloud Services, advises that the key to effectively mitigating risks in IoT cloud security is to carefully assess and prepare for the risks upfront. At the same time he outlines seven essential steps that we summarize here (to see them in all its extension read his blog)

 

  1. Secure your cloud infrastructure. In a wide-reaching IoT implementation, where the system’s sheer scale and complexity are magnified, it’s crucial to have layers of security.

 

  2. Leverage standard-based best practices. There’s no need to reinvent the wheel on IoT cloud security. There are several entities that provide security tools and guidance:  Cloud Security Alliance (CSA), the Open Web Application Security Project (OWASP) and the National Institute of Standards and Technology (NIST).

 

  3. Design for IoT security. Look at your whole IoT system, break down your IoT processes, and work to build in security at every step along the way.

 

  4. Secure your IoT devices. It’s safe to assume that hackers will attempt to invade your IoT device – and, considering the long life of a smart, connected product, it’s wise to plan for years of continual security enhancements.

 

  5. Secure your IoT connections. Data encryption and device authentication must be strong. Offer no unnecessary openings to intercept and modify your communications.

 

  6. Secure your IoT services and applications. As the market’s leading IoT offerings grow in maturity, their security features get better and better. But they’re still evolving. Your ongoing attention to IoT change management will be required.

 

  7. Secure your IoT users and access. Keep in mind: Not all in your network should be able to do all things. Embrace the extra protection of role-based permissions.

 

  This blog only touches on a very big topic. You can view Tom’s full LiveWorx presentation here. Or download PTC’s white paper on “Securing the Internet of Things.

 

  Please note too that Tom will present an updated version of his “Securing the IoT Cloud” presentation at LiveWorx 2016 in Boston on June 6-9.