By: Leo Lynch, Vice President, Asia Pacific at Arcserve
From connected cars and fitness trackers to smart homes and factories, our lives and workplaces are rife with IoT devices. IDC indicates growth of the IoT market in the Asia Pacific will reach $437 Billion by 2025. Altogether, there are now billions of IoT devices worldwide, and they’re generating data by the zettabyte.
All this data has greatly expanded the attack surface, making it more difficult for businesses to protect themselves. As a result, IoT is now a massive opportunity for hackers, presenting them with a gold mine of data and many new backdoor entry points that might not be adequately secure or, worse—not even known.
As the amount and variety of data produced by the world’s IoT devices race ahead, organisations must get their arms around this rapidly expanding universe of information. The more data there is, the more important it gets. IoT devices now manage businesses, home appliances, and control healthcare systems. Any loss of functionality or data from these devices can significantly impact business—and human life—more so than any computing system that came before.
Organisations must be able to secure their IoT data and, if there is a breach or downtime, they must be able to restore it as quickly and efficiently as possible. Here are three ways to successfully secure IoT data and prevent loss.
1. Get visibility into all the IoT devices on the network
The major problem with IoT device security lies in the fact they are by nature not secure. Most are developed with ease of use, low price, and connectivity in mind. They lack built-in security controls, and updates and patches are rare, which means they’re an attractive target for hackers.
The first step toward better security is knowing the exact number of IoT devices on the network and keeping a detailed inventory of all connected IoT assets. Once there is visibility into all the organisation’s IoT endpoints, it’s essential to establish robust password security. Many IoT devices come with weak preset passwords, so every time an IoT device is connected to the network, be sure to reset the installed password with one that is more complex and secure.
It’s also critical to implement a patch-management program. Unlike most IT systems, IoT devices do not receive regular software updates to patch security holes. Therefore, it is key to establish a regulated patch-management upgrade strategy to avoid data loss.
2. Double down on data protection
Another essential means of securing IoT data is the 3-2-1-1 data-protection strategy. The strategy directs that an organisation have three backup copies of data on two different media (such as disk and tape), with one of those copies located offsite for better disaster recovery. The final one in this equation is immutable object storage.
Immutable object storage safeguards IoT data continuously by taking snapshots of it every 90 seconds. These snapshots provide point-in-time data recovery. In the event of downtime, natural disaster, or ransomware attack, the snapshots can be used to roll back to a recent file state. Immutable snapshots can’t be altered, overwritten, or deleted, so they safeguard data integrity from loss due to human error, hardware failure, and ransomware attacks.
With immutable snapshots, organisations with IoT devices can avoid downtime and ensure the smooth and uninterrupted delivery of services and operations—even during a disaster or ransomware attack.
3. Choose the right partners
The IoT landscape is changing fast, with many new devices coming to market every day. Selecting data storage and recovery partners who are agile and sophisticated enough to adapt to change and keep data safe is crucial.
Choosing the right partners applies not only to large corporations but also to small companies. The IoT systems of even small companies today produce massive amounts of data comparable to a typical enterprise company a decade ago. Managing that data and recovering it in times of crisis is vitally important in getting the business back up and running, regardless of its size.
When the internet came along, businesses first learned that it produces a lot of data. Then they learned how valuable that data is. Then they knew how important it is to protect that data. IoT is following the same trajectory. Organisations can get ahead of the curve by understanding right now how vital it is to secure the data produced by the IoT devices on their network.