IoTruth: Manufacturers will secure IoT devices

Today’s IoTruth: Manufacturers will secure my IoT devices:

Are you safe to solely rely on manufacturers to secure your IoT devices? The reality is, manufacturers would like to give you a secure product, but there’s a whole set of challenges that make this very difficult to execute.

Lack of expertise – the PC industry for the last 25 years has been trying to secure the computer. And it has not accomplished that. Now imagine all these manufacturers trying to build security into devices where their core expertise is not security. As security markets continually innovate, attackers will take advantage of the vulnerabilities. And they’re going to take advantage of that lack of security expertise from the manufacturers.
Margins – this is about money, right? Think of the devices that you’re buying. Some of the devices are cheap, in the tens of dollars. Manufacturers simply do not have enough margins in the sale of their products to build security from scratch into those devices. Security is expensive and that cost cuts into the profits of manufacturers.
Strict Rules – there are often strict rules for how manufacturers update their devices, and these can vary by industry. For example, the Food and Drug Administration (FDA) has certain guidelines for medical device updates. Staying compliant can be a challenge even for well-established manufacturers and there is often lag time between the discovery of a vulnerability and the issuance of an update or patch.
Competition – IoT is going to explode. Everyday new, innovative products come to market, and companies are beating each other by time to market. It’s that first vendor that’s going to take the market share and they’re going to build a product that customers want, with security as an after-thought. Building security from scratch takes time, and takes away from getting a product to market quickly.

So today’s IoTruth? Manufacturers will not be able to secure IoT devices. The burden of security is going to fall on the enterprise. You’ll be responsible for discovering all the devices that are connecting to your environment, and need to be able to control and secure them so that you can properly protect your organization.

Access Controls on an IoT Network

August 16, 2017

In my last blog, I described what main features to look for in a NAC solution. In this blog, I’ll discuss NAC’s graduation from a simple 802.1X solution, and what access controls mean today with the advent of the Internet of Things (IoT). I think we all understand that IoT devices are here, and here […]

0 comments

Like it or not, IoT is here

August 9, 2017

Twitter: @darrell_kesti I’m a lucky guy with a cool job where I get the opportunity to connect with organizations of all kinds in the Midwestern U.S. and all across Canada. In my travels, I have encountered an interesting viewpoint around IoT (Internet of Things) devices that I want to share with you. But before I […]

0 comments

IoTruth: Manufacturers will secure IoT devices

August 8, 2017

Twitter: @PedroAbreu_0629 Today’s IoTruth: Manufacturers will secure my IoT devices: Are you safe to solely rely on manufacturers to secure your IoT devices? The reality is, manufacturers would like to give you a secure product, but there’s a whole set of challenges that make this very difficult to execute. Lack of expertise – the […]

0 comments

Sign up for ForeScout News.

Sign up for a visit.

Thank you for your interest in ForeScout.