Up to now, innovations of IoT and industry 4.0 mainly take place in large corporations. This changes because more and more medium-sized companies will follow the trend towards networking, smart products, cloud computing and digital services.
IoT produces and uses a wide range of data which have to be managed and available in real time access. What does this mean for the companies? Outsourced IT-requirement create major savings in efforts and costs and make cloud platforms indispensable to store the big data volumes. This efforts an adapted IT-architecture to use the potential of IoT-platforms with different functions and areas of application. But the more networking, the greater effort is required for a security strategy to reduce attack surface. Organizations designing and implementing IoT technologies should be aware of those attack surfaces to minimize the risk.
Therefore companies have to set regulations and guidelines to ensure the security of their IoT structure. These guidelines must be observed and implemented at all company levels and include authentication, authorization, access control, encryption etc.. The rapid change in IoT technology requires a permanent adaption of the security framework.
Recommendations for secure IoT architecture are given by ENISA (European Union Agency for Network and Information Security, www.enisa.europa.eu/…/baseline-security….iot/). The U.S. government introduced „Internet of Things Cybersecurity Improvement Act of 2017“ as a guideline for secure IoT devices. The „Open Web Application Project“ (www.owasp.org) offers detailed information on attack surfaces within an IoT structure and recommends preventing issues.
Organisations must invest in IoT security and have to increase their knowledge of protection against cyber attacks. This also applies to the service partners of the IoT framework. The selection of service partners within an IoT structure depends on the companies requirements and should be done seriously. IIC has a global and local network to recruiting partners and providers purchasing products for those specific needs.