The Industrial Internet Consortium (IIC) announced the publication of the Endpoint Security Best Practices white paper. It is a concise document that equipment manufacturers, critical infrastructure operators, integrators and others can reference to implement the countermeasures and controls they need to ensure the safety, security and reliability of IoT endpoint devices. Endpoints include edge devices, such as sensors, actuators, pumps, flow meters, controllers and drives in industrial systems, embedded medical devices, electronic control units vehicle controls systems, as well as communications infrastructure and gateways.
The paper explores one of the six functional building blocks from the IIC Industrial Internet Security Framework (IISF): Endpoint Protection. The 13-page white paper distills key information about endpoint device security from industrial guidance and compliance frameworks, such as IEC 62443, NIST SP 800-53, and the IIC IISF.
Everyone Can Use Endpoint Security Best Practices
Equipment manufacturers, industrial operators and integrators can use the Endpoint Security Best Practices document to understand how countermeasures or controls can be applied to achieve a particular security level (basic, enhanced, or critical) when building or upgrading industrial IoT endpoint systems, which they can determine through risk modeling and threat analysis.
While the white paper is primarily targeted at improving the security of new endpoints, the concepts can be used with legacy endpoints by employing gateways, network security, and security monitoring.
The full Endpoint Security Best Practices white paper and a list of IIC members who contributed can be found on the IIC website at Endpoint Security Best Practices white paper.