Our global survey finds that security organizations face more — and more serious — challenges than ever. But they’re evolving their strategies to stay ahead of threats.
Published Date: April 7, 2023
IoT, or the internet of things, refers to a broad range of internet connected intelligent devices and systems — from smart home gadgets to smart city infrastructure, connected hospital equipment and robotic arms on the manufacturing floor. IoT security is a cybersecurity practice that’s part of a greater network security architecture concerned with monitoring and protecting these devices from threats.
Securing IoT devices is challenging for several of reasons. As manufacturers rush to deliver new connected devices to market, security often takes a backseat to functionality. That leaves these devices vulnerable to various types of cyber attacks and security issues. The problem is compounded by the scale of IoT deployments. A typical enterprise may have a large fleet of diverse IoT devices deployed to multiple locations thousands of miles apart, complicating visibility and hampering security. The challenge of IoT security grows exponentially along with network security as each added device potentially introduces new on-premises infrastructure and cloud security vulnerabilities.
In the following sections, we’ll look at how IoT works, and what IoT device security developments and trends are impacting the enterprise. We’ll also look at the IoT attacks and other security risks that IoT devices pose and how you can better secure your IoT network environment.
How does IoT work?
IoT works by connecting devices and other objects, or “things,” to an IoT platform. Each object collects data and sends it back to the platform where it is collected and analyzed, often using machine learning technology. In an enterprise setting, the most valuable insights culled from the aggregated data are shared with applications designed to serve specific needs. Individuals or teams can use this information to help solve business problems and increase operational efficiency.
In manufacturing, for example, industrial machines may be equipped with smart sensors that track real-time parameters such as temperature, pressure and vibration. This data is sent to an industrial IoT (IIoT) platform, where it’s contextualized with the equipment’s model, settings, usage and maintenance data, then run through predictive analytics algorithms to determine when the equipment is likely to fail. When a critical issue is detected, an alert is sent to the appropriate person or team so that they can fix or replace the equipment before it breaks down.
IoT facilitates data collection and analysis across a range of industries. Retail IoT devices, for example, collect data on product and shopping lifecycles to help businesses improve their sales, retail experiences and operations. In healthcare, Internet of healthcare things (IoHT) or Internet of medical things (IoMT) devices are used to manage hospital resources, assist with diagnostics, and facilitate remote patient monitoring. And manufacturing IoT devices are used for asset tracking, facility and inventory management, safety monitoring and equipment maintenance. In all use cases, IoT helps organizations operate more efficiently and effectively.
How does IoT relate to edge computing?
IoT and edge computing both involve “smart” devices that collect and analyze data. Because IoT devices and edge computing devices may be deployed within the same IT infrastructure, they’re often used interchangeably. However, they are distinct concepts with some significant differences, best understood by looking at what each technology does.
IoT devices often act as sensors collecting data from the physical world. A security camera, for example, captures video footage and a temperature sensor tracks fluctuations in heat and cold. In many cases, IoT devices don’t analyze the data, because they may lack the required processing power, and it is often more effective to perform aggregate analyses of data gathered from multiple devices.
Edge computing is an approach to information systems architecture that puts computing and operational technology closer to the data source, often represented by IoT devices. By processing and analyzing data at the point where it's collected instead of transmitting it back to a centralized server, edge computing devices increase network efficiency and reduce disruptions.
IoT and edge computing are complementary technologies that help organizations extract the value of data from the physical world. But there are some critical differences. These include:
- Device capabilities: IoT devices are equipped with sensors that can collect, transmit and receive data; edge computing devices may also have this capability, but it’s not a requirement, particularly if the device is used primarily for data analytics rather than collection. The most significant difference is that IoT devices are designed and streamlined for data collection, whereas edge computing devices are typically multipurpose computers that can perform data analytics.
- Software: IoT devices are powered by embedded operating systems designed for the limited memory and processing power allowed by the device’s physical size. The OS uses automation to allocate all the resources the device needs to perform its particular task and enables it to communicate over a network (e.g., with cloud computing services.) IoT operating systems may be challenging to update, which can leave the device vulnerable to failure due to software issues. Edge computing devices use standard operating systems that are straightforward to update and can perform a variety of functions.
- Data processing: IoT and edge computing devices also differ in how they process data. Because of their limited power, IoT devices can’t process much data locally. Instead, they must send the data they collect back to a centralized data system or an edge computing device for storage and analysis. Edge computing devices overcome the need to send data out for analyses by decentralizing this process and performing it directly on the device itself.
Why is server monitoring important?
Servers are some of the most critical pieces of your IT infrastructure, so it stands to reason that monitoring their performance and uptime is vital to the health of your IT environment. If a web server is offline, running slowly, experiencing outages or other performance issues, you may lose customers who decide to visit elsewhere. If an internal file server is generating errors, key business data such as accounting files or customer records could be corrupted.
Server monitoring is designed to observe your systems and provide a number of key metrics to IT management about their operation. In general, a server monitor tests for accessibility (ensuring the server is alive and reachable) and measures response time (testing that it is fast enough to keep users happy), while alerting for errors (missing or corrupt files, security violations and other problems). Server monitoring is also predictive: Is the disk going to reach capacity soon? Is memory or CPU utilization about to be throttled? Server monitoring is most often used for processing data in real time, but it also has value when evaluating historical data. By looking at previous weeks or months, an analyst can determine if a server’s performance is degrading over time — and may even be able to predict when a complete crash is likely to occur.
What are the benefits of IoT security in business?
IoT security in business has several benefits, including:
- Protection of sensitive data: Many IoT devices used in healthcare and other industries, (e.g. network-connected MRI machines) collect and transmit large amounts of personal data. Bad actors and other security threats can use malware and ransomware distributed by phishing, botnets and other means to infiltrate these devices for data. Cybercriminals can also use these endpoints as a gateway to access a network that contains a wealth of sensitive and personally identifying information. Data that’s stolen could leave the organization vulnerable to financial losses, reputational damage, regulatory violations and other consequences. By protecting both the endpoint devices and the data they collect and share, IoT security ensures hackers can’t easily access these high-value targets.
- Protection of critical infrastructure: In industries such as manufacturing, transportation, and energy, a disruption sourced to a distributed denial of service (DDoS attacks) or breach sourced to an IoT botnet can have much greater and more far-reaching ramifications than the loss of personal data. For example, a knocked out energy grid or a disrupted food supply chain could jeopardize everything from personal safety to the economy to national security. For that reason, the industrial internet of things adheres to particularly strict security standards.
- Optimization of businesses’ operations: IoT is important for optimizing businesses’ operations, whether it’s used to track the conditions of the production process, manage remote facilities, or monitor the health of manufacturing equipment. Implementing IoT security controls provides a bulwark against attacks that could harm system availability and performance.
What are some examples of IoT security in the enterprise?
Enterprises use a combination of measures to secure their IoT devices. Some of these include:
- Implementing strong passwords: Many IoT devices come with default administrator passwords. The problem is that these passwords are typically weak and so common that hackers maintain lists of them to easily infiltrate devices. To better safeguard their IoT devices from attack, enterprises must change default passwords to those that are long and complex and add multi-factor authentication.
- Disabling unnecessary functioning and dormant devices: Some IoT devices include multiple functionalities, some of which an organization may not need. Many printers, for example, can send and receive faxes even though almost no organization still uses faxing technology. Every device functionality increases the attack surface, so many organizations disable unnecessary functions to remove additional attack vectors.
- Isolating devices: IoT devices are designed to collect and share data with other devices and systems. But this feature is also what makes IoT devices such a security risk — by compromising a device, an attacker can gain access to sensitive systems and data. Many enterprises deal with this by removing some or all of their IoT devices from the main network and isolating them on their own network to prevent potentially crippling security breaches.

Enterprises adopt numerous measures to better ensure IoT device and overall network safety, including strong passwords, disabling unnecessary device functionality and isolating unneeded devices.
How do you secure IoT devices?
The following are security best practices you can take to secure your organization’s IoT devices:
- Take an IoT inventory: The first step is to discover what IoT devices and IoT systems are already connected to your network. An IoT monitoring solution will allow you to perform a basic discovery audit. As you take inventory, look for devices that shouldn’t be connected to your network, such as employee or vendor devices, as these could represent security vulnerabilities. For legitimate devices, assess their access rights to ensure the principle of least privilege. Also, look at what data is stored and shared by each device, as well as any privacy considerations associated with that data that may need to be addressed. Once you have a complete inventory of your IoT devices, you can prioritize the biggest security risks and identify ways to mitigate them, which may include removing the device(s) from the network.
- Physically secure the devices: Next, you should implement IoT security solutions and physical security measures for your connected devices. Make sure they can’t be stolen or tampered with. This is particularly important for devices that are in remote locations, as they will remain largely unsupervised.
- Secure the network: Make sure your Wi-fi, routers and network architecture is secure. Authorization should be required for IoT devices to use APIs, communicate with other devices, and perform other tasks that, if unrestricted, may be used by attackers to expand their footprint in the network if compromised. Avoid opening network ports unless it is necessary, allowing only authorized IP addresses when you do. To further limit attackers’ ability to move vertically and laterally through your corporate network, consider using segmentation to put IoT devices on a separate network from everything else or enabling connectivity by access control lists only.
- Keep systems updated: IoT devices may need regular software and firmware updates, as well as security patches. Ensure that your development and security teams keep each other apprised of system vulnerabilities and produce and deliver updates quickly.
- Perform penetration testing: No security solution is foolproof, so it’s important to simulate various kinds of attacks against your system — including malware, social engineering, and physical breach — using threat intelligence. This will enable you to understand and fix any vulnerabilities before they become a problem.
- Educate your employees: All workers must understand why IoT security is essential to your organization’s success. This can be accomplished through security training sessions and materials such as white papers that explain the various types of cyberattacks and how they’re executed. You can increase your organization’s chances of surviving a breach by including your IoT infrastructure and teams responsible for managing it in cyberattack drills that allow your staff to calmly practice responses.

Some of the best practices for ensuring IoT device security include taking an inventory of your devices, physically securing them, protecting the network, regularly applying patches, performing penetration testing and implementing employee trainings.
(For information about Splunk Infrastructure Monitoring, visit the product page here)
How has IoT security evolved over time?
As IoT adoption has grown, one of the biggest IoT security challenges is that IoT security has rapidly evolved from afterthought to a critical priority. The limitless potential of IoT devices meant that device functionality was usually prioritized over security. But the broad adoption of IoT devices, coupled with the unprecedented level of data breaches during the Covid-19 pandemic, brought IoT security into sharp focus. The rapidly evolving IoT regulatory landscape also suggests that stronger built-in security controls will be the next evolution of IoT security.
What is the future of IoT and IoT security?
The future of IoT and IoT security will be shaped by the still-rising number of cyberattacks. This aggressive threat landscape will continue to increase IoT security awareness, while enterprises will continuously better understand the implications of insecure devices. This heightened awareness will also drive more action from governments and other regulatory bodies to regulate IoT security, and manufacturers in turn will likely be required to start prioritizing security in their products.
Managing security in a complex IoT ecosystem isn’t easy, but it’s essential for the success of your business. Failure to implement strong security controls can result in the exposure of private data, financial losses, and even physical harm to your customers, employees or general public. Investing in IoT security will help you avoid these types of catastrophic consequences and keep your IoT assets optimally serving your business.

Splunk Data Security Predictions 2023
Our security experts predict an action-packed year. Get the latest on key trends.