IT and Business Insights for SMB Solution Providers

Taking Responsibility for Cybersecurity in an Increasingly Connected World

California's IoT security law is weeks away from going into effect, and there are more laws like it on the way. How proactive are you being about protecting power management and other devices? By Hervé Tardy

Across the IT landscape, few issues have raised greater concern than cybersecurity. The threat of data breaches not only represents one of the biggest challenges for IT staffs, but is also a major reason many IoT projects are delayed or scrapped. As networks continue to migrate off site and move away from the core data center, the threat of cyberattacks has become more present than ever. Server-gateway connections expand daily and the number of devices connected to networks constantly multiplies, simultaneously creating more potential targets.

The danger is so significant that individual state governments are now jumping into the game, taking legislative action to demand a higher level of cybersecurity. California recently passed a bill making IoT device companies more responsible for ensuring the privacy and security of the state’s residents. California law SB-327, which takes effect Jan 1, 2020, will require manufacturers of connected devices to equip them with a “reasonable security feature or features” that protect devices and their information from “unauthorized access, destruction, use, modification or disclosure.”

As smart, connected devices link together more and more elements of everyday operations, businesses will look to solution providers to be a proactive participant in addressing IoT and security risks.

Industry Adjustments

In the face of growing cyber threats, global safety science organization UL developed and published the UL 2900-2-2 standard for software cybersecurity for network-connectable devices. The UL cybersecurity certification provides a purchaser the assurance that the product has been thoroughly reviewed and tested against a trusted benchmark. As industry standards and government regulations continue to evolve, this type of respected independent testing will remain among the best means for solution providers and end users to ensure that manufacturers of power quality products and other IT systems have done their due diligence to mitigate risks.

If you’re wondering how critical cybersecurity is in UPSs and other power management devices, consider this: by targeting an overlooked vulnerability in a major retailer’s HVAC unit, hackers were able to access POS devices and steal 70 million client accounts. So, when businesses weigh all the benefits that IoT offers, they must also strategize how to secure each component within their connected infrastructure to ensure they’re protected. 

Challenges Ahead 

While meeting the requirements of laws like the one in California is a step in the right direction, much more must be done in the fight against cyber-crime. In fact, while some technology vendors have announced product updates to address the legislation, the California law—and others likely to come—encompass just a small fraction of what is outlined in the official UL certification for cybersecurity. 

Experts recommend taking a variety of measures to safeguard against cybersecurity threats, such as using a firewall and encrypting information; conducting routine security assessments; regularly updating antivirus software and antispyware; using advanced email filtering; establishing powerful password policies and endpoint protection; and offering employees cybersecurity awareness training. Furthermore, it has never been more important for companies to partner with technology providers who understand the risks that pervade the Internet and are taking positive steps to address them.

Taking a Stand 

With IoT innovation advancing at lightning speed, organizations must adapt quickly or risk getting left behind. Businesses can’t afford the complications associated with debilitating cybersecurity attacks, so it’s important for solution providers to take these threats seriously too. It takes a security-first approach to give customers optimal protection. By being proactive about cybersecurity, providers can ensure their customers are getting products—evident through collaborations with industry-leading standards—that will meet current and future demands. 

Hervé Tardy is vice president and general manager of Eaton’s Distributed Power Infrastructure business unit. In this role, Hervé manages the Americas product roadmap for power solutions, software, and connectivity products to reinforce Eaton’s technology leadership.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.