If we manage to quantify the increase in the number of IoT devices, we do not necessarily suspect the increase in the amount of data they produce. From cars to fitness trackers to the smart home or even the connected factory, our living and working spaces are full of IoT devices. Today, it is estimated that several billion IoT devices are in use around the world, generating data per zettabyte (that’s 1 and 21 zeros!).
This volume of information has greatly expanded the attack surface, and complicates the task of protecting corporate data. The IoT therefore represents a golden opportunity for cybercriminals today, offering them a goldmine of information to hack and many new entry points that may not be sufficiently secure or, worse, not considered. .
Companies must imperatively become aware of this mass and this growing variety of data in order to be able to collect and manage it. By crossing them with AI algorithms, they will be able to extract the data essential for making sound business decisions and more broadly save all those relating to the IoT that can be useful here, without having to delete or archive them.
This is not where the complexity ends, because as the volume of data grows, so does their importance. IoT devices today are capable of managing activities, operating our home appliances and even controlling our health systems. Any loss of functionality or data can then have a significant impact on both professional and personal life.
Backing up and securing these zettabytes is therefore essential. Companies must be able to insure them and in the event of an attack or business interruption, to be able to restore them as quickly and efficiently as possible.
So here are three tips to secure IoT data and help prevent risks
Have optimal visibility on all IoT devices
The major problem with securing IoT devices is that they are inherently insecure. Most are developed with ease of use, low price and connectivity in mind and thus lack built-in security controls. Additionally, updates and patches are rare, making it a particularly attractive target for cybercriminals.
Knowing the exact number of IoT devices on your network and keeping a detailed inventory of all connected assets is the first step towards being more secure. Once this visibility is gained, it is essential to verify the robust access control procedure with password. Many IoT devices come with fragile preset passwords. It is therefore advisable to ensure that the password is reset with a more complex and secure code before any connection to the company network.
It is also essential to implement a patch management program. Unlike most computer systems, IoT devices do not receive regular software updates to fix security vulnerabilities. This means that it’s up to you to establish a regulated update and patch management policy to prevent data loss.
Strengthen the data protection strategy
The 3-2-1-1 data protection strategy can also be very effective for IoT data. This provides three backup copies of your data on two different media (such as disk and tape), with one of these copies located offsite for optimal disaster recovery.
The final piece of this equation is immutable object storage. It helps protect data at all times by taking snapshots every 90 seconds for easy recovery. In the event of a service interruption, natural disaster, or ransomware attack, you can use snapshots to revert to the most recent state of the file. Moreover, immutable snapshots cannot be modified, overwritten or deleted, thus protecting data integrity against different types of threats.
With immutable snapshots, organizations with IoT devices can limit downtime and ensure smooth, uninterrupted delivery of services and business, even in the event of a disaster or ransomware attack.
Choose the right partners/suppliers
The IoT landscape is changing rapidly with many new devices coming to market every day. That’s why it’s crucial to choose data storage/retrieval vendors and partners that are nimble enough to adapt to this change and keep your systems secure.
Choosing the right partners/suppliers is not just for big organizations. Indeed, the IoT systems of even small businesses today produce massive amounts of data – comparable to those of an average business ten years ago. The management of these and their recovery in times of crisis are therefore of vital importance to guarantee business continuity, whatever the size of the organization.
It seems essential to recall the path taken with regard to the valorization of data. When the internet appeared, companies first learned that they would now produce a lot of data. They then understood the value of these and how important their protection was. The IoT is following the same trajectory, and companies can get ahead if their leaders understand today how vital protecting the data produced by these devices can be.