Securing the IoT: A Partner’s Guidebook

Peanut butter and jelly. Peanuts and Cracker Jack. Spaghetti and meatballs. Internet of Things (IoT) and security.

That’s right, as with the cloud, mobility and other new technologies, you can’t do the IoT without security.

Our one-stop slide show offers partners a primer on what they should know about protecting their customers’ “Things” before they walk into that first sales meeting.

Looking for more? Go here to download our in-depth report, “IoT: Why It Won’t Succeed Without the Channel,” or here for our 3-minute video that breaks down the keys to IoT security.

**Source material by Michael Davis**

Follow senior online managing editor Craig Galbraith on Twitter.

With the growth of new technologies, partners find themselves weaving security into the beginning of almost every sales conversation. If they’re not, they should be. Security is a critical piece of the burgeoning Internet of Things. For a solution provider who can address a customer’s concerns about IoT security, the world is their oyster.

What makes the Internet of Things a great offer for channel partners in the first place? Easy — it builds on competencies that already are at the core of what many partners know best: telecom, cloud and managed services.

Security problems in the IoT often involve firmware. Updates are needed frequently, but a lot of vendors don’t have a solid upgrade process. And consistency among devices is rare. Also rare is the ability to do a firmware upgrade remotely, and even when this process is supported, it often causes a device to lock up. That’s not good for the vendor, which begins to discourage firmware updates unless they’re considered essential. That, naturally, leads to security vulnerabilities.

When a vendor patches that vulnerability, it often does so only for the latest version. Companies that are few iterations behind then have to spend money to upgrade older hardware and potentially cause a failure, or ignore the update and leave themselves open to a hack. Channel partners can help by managing security for the client, testing firmware upgrades in a lab before pushing them out. Their job also requires staying abreast of the update process to make sure it’s a smooth one.

As with any information that travels over a network, security of the connection is important. Information from an IoT sensor typically goes through the client’s network via VPN or a direct connection. A channel partner can build, design and assess the security of all devices and their connections. It wouldn’t hurt to get input from a third party.

A partner should do regular audits to make sure the provider is properly configuring the cloud platform. Pay particular attention to logins, identity management and access management. Any person given the ability to update, reset or reconfigure a device should have to go through a two-factor authentication process for access.