Weekly IoT Worries: Updates & Patching

The Internet of Things (IoT) and their related devices like IoMT, SCADA/ICS, and a litany of other connected devices do not work in the same manner as legacy devices. For example, these connected devices don’t connect to a central repository where IT can control entire categories of devices like can be done with Group Policy, Active Directory, and Windows-based systems. So, unlike their traditional endpoint cousins, connected devices frequently miss patches and lack any secure update mechanism.

Legacy endpoint management and protection tools rely on the more robust nature of the devices they are designed to protect. For example, most traditional endpoint protection tools require both software agents and login credentials to protect the endpoints it is tasked with keeping secure. Unfortunately, IoT and other connected devices are not generally capable of running software agents in any way. Add to that lacking ability to run new software that it is exceptionally rare for a connected device to have its login credentials managed by a central repository.

Because of these incompatibilities between the legacy devices and connected devices, the IoT is frequently left to fester and becomes more vulnerable over time. IoTSecure™ saw this issue and developed the IoT Security Appliances we offer to deal with this problem specifically. The IoTSA works alongside legacy solutions to monitor connected devices for missing patches, vulnerabilities, and abnormal behavior. The data that the IoTSA provides can be ingested in a plethora of ways, including weekly overview reports, access directly to real-time data in the CloudPortal™, or using any of the many APIs you can ingest that data into any source your organization prefers, whether that be direct to your SIEM, or a third-party SOC/NOC.

Learn more about IoTSecure and our IoTSA products at iotsecure.io.