IoT Security Best Practices

Best practices for deploying the Phosphorus Platfrom

• Establish approval process for onboarding of new devices, computers, software applications, system access and networks

• Monitor devices, computers, software applications, system access and networks

• Change regularly system level and user level passwords

• Ensure software is updated continually and with protected and regularly rotated passwords

• Secure PCs, laptops and workstations with a password-protected screensaver, logging-off when host unattended

• Use encryption of information in compliance with company policy

• Encrypt disks used for PCs

• Use continually virus-scanning software with a current virus database

• Use caution when opening email attachments, which may contain viruses or other malware

• Avoid introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.)

• Avoid effecting security breaches or disruptions of network communication

• Avoid port scanning or security scanning

• Executing any form of network monitoring which will intercept data not intended for the employee's host, unless this activity is a part of the employee's normal job/duty.

• Ensure user authentication or security of any host, network or account

• Avoid using any program/script/command, or sending messages of any kind, with the intent to interfere with, or disable, a user's terminal session