PCB factory china think，To successfully implement the Internet of Things (IoT), network and security professionals need to create a security roadmap for the Internet of Things that includes these three things.

    Visibility is the Foundation of Internet of Things Security

    The first step in protecting the Internet of Things is to know what is connected. Visibility is the starting point, but there are several steps to achieve full visibility. This includes:

    Equipment identification and discovery. It is very important to have a tool that can automatically detect, analyze and classify network content and develop a complete equipment list. Once the profile is configured, security professionals can answer key questions such as "What operating system is on the device?" "How to configure?" And "Is it trustworthy or untrustworthy?" This tool continuously monitors the network so that equipment is very important and can be discovered and analyzed immediately after connection.

    Which Three Things Must Be Done for Internet of Things Security

    Forecast analysis. After discovery, the behavior of the equipment should be studied and baseline so that the system can respond to the attack before it causes any damage. Once a "norm" is established, environmental anomalies can be monitored and actions taken. This is especially useful for "low speed and low speed" advanced persistent threats (APT), which remain dormant and quietly map out the environment. Any change in behavior, no matter how small, will trigger the alarm.

    Segmentation improves security agility and prevents threats from moving laterally

    This is the biggest security problem today. The working principle of segmentation is to allocate strategies, separate assets and manage risks. When equipment is destroyed, segmentation prevents threats from moving laterally because assets are classified and grouped together. For example, a strategy may be established in a hospital to place all cardiac pumps in a safe zone. If one item is violated, medical records cannot be obtained.

    Three key issues need to be considered when combining segmentation planes.

    Risk identification. The first step is to classify the equipment according to the standards considered important by the company. This can be a user, data, device, location or almost any other content. Risks should then be assigned to groups with similar risk profiles. For example, in a hospital, all MRI-related endpoints can be separated into their own segments. If one item is violated, medical records or other patient information cannot be accessed.

    Policy management. As the environment expands, new devices need to be discovered and policies applied. If the device moves, the policy needs to move with it. Fully automating policy management is important because people cannot make changes quickly to keep pace with dynamic organizations. Strategy is the mechanism to manage the risks of the whole company.

    Control. Once the threat actor gains access, the attacker can roam the network for weeks before taking action. Isolating Internet of Things endpoints and other devices, servers and ports communicating with them allows companies to separate resources on a risk basis. Selecting the part of the network that handles interactions with IoT devices differently from the policy perspective allows the organization to control risks.

    Equipment protection first appears in Internet of Things security

    The primary task of Internet of Things security is to protect the equipment first and then the network. Once Internet of Things devices are protected and joined the network, they must be protected in a coordinated manner with other network elements. Protecting IoT endpoints is a matter of implementing policies correctly. This is accomplished through the following mechanisms:

    Policy flexibility and law enforcement. The solution needs to be flexible and be able to define and enforce policies at the device and access levels. In order to meet the needs of the Internet of Things, it is necessary to enforce rules to manage device behavior, traffic types, and where it can reside on the network. Internet of Things endpoints, consumer devices and cloud applications are examples of different policies that must be established and implemented.

    Threat intelligence. Once controls are in place, policies must be consistently implemented and compliance requirements must be translated throughout the network. This creates an intelligent structure that can learn from itself and respond to threats immediately. When intelligence is distributed through the network, actions can be taken at the attack point instead of waiting for the threat to reach the central point. Threat intelligence should be a combination of local and global information to identify threats before they occur.