Onboarding a new IoT device to your network can be frustrating, requiring you to revamp multiple network credentials so that approved employees can use the device. There is currently a lack of trusted onboarding procedures and life cycle management for IoT devices. This can lead to the connection of unauthorized IoT devices to your network, leaving the network vulnerable.
The National Cybersecurity Center of Excellence (NCCoE), a division of NIST, has been tackling this gap. The NCCoE just issued a proposed example of a trusted network-layer onboarding solution using commercially available technology, which addresses a set of cybersecurity challenges and aligns with the NIST Cybersecurity Framework: Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management-Enhancing Internet Protocol-Based IoT Device and Network Security. Comments are due by April 19, 2021.
If your business benefits from IoT devices connected to your network for functionality, enhanced efficiency, and insights, allowing people and machines to readily share information, then this NCCoE initiative will impact you. Any IoT devices that you use in your business, from smart locks to thermostats, smart video cameras to automation, must be properly added to your network. Guidance on this front will help businesses do so with less risk, but the NCCoE’s final recommendations must be practical and economical for businesses large and small. If you want a voice in this NCCoE project, we can help you frame and submit persuasive comments.