IoT Cloud Portals – A Modern Day Hacker’s Keys to the Kingdom

IoT Agenda Logo
PUBLISHED ON December 26, 2018
LAST UPDATED August 2, 2021

It seems that nearly every week, another IoT related security story is in the news. While most of the coverage still focuses on the hardware, organizations often forget the cloud infrastructure that connects the differing threads of IoT devices. These portals are a mega culprit in the complicated and risky security landscape. They are a modern day hacker’s keys to your kingdom.

Instead of running a phishing campaign to discover and compromise individual devices, one at a time, a hacker can now utilize one device (or entry point) to gain access to millions of devices. Typically, this also exposes the data that resides on those devices, such as video footage. And unless strict coding practices and security controls are followed, implemented and audited on both the application and network levels, it is highly likely that such an application will be hacked. 

So what are the best practices when it comes to building, managing, and securing a centralized IoT management portal? In his fourth installment on the IoT Agenda column, ThreatX CTO, Andrew Useckas, outlines the top 4 tips from his own experience white hat hacking and securing devices. Here’s a preview of the first two: 

  1. Implement regular vulnerability scans 
  2. Know and monitor all potential attack vectors, including adjacent applications, servers, and more

You can read the full article on Cloud Portals on IoT Agenda, along with Andrew’s other contributions to the column.

Stay tuned for additional articles from Andrew via IoT Agenda in the coming months! 

IoT Agenda Logo

 

About the Author

Mackenzie Jacobson

Mackenzie is the Senior Manager of Digital Marketing at Threat X. She is a detail-oriented marketing professional with experience in B2B strategic marketing development, implementation, and analysis. Through highly-targeted, demand generation campaigns, Mackenzie is committed to bridging the gap between interested prospects and solutions providers, and does so through web, SEO/SEM, email, social, and display advertising campaigns. She has held prior roles managing global demand generation campaigns at a digital marketing agency, tech startups and Fortune 500 company.