Tag Archives: patch

A potential IoT systems vendor checklist v2.0

In order to maximize the value of an IoT system to an institution or city, how that system is implemented is critical. Without a thoughtful and thorough implementation, the value of the investment will not be met and, possibly, the value can even be negative through the addition of unmitigated risk to the institution or city.

I’ve updated the IoT systems planning considerations list from an earlier post and created a more checklist-like document to use when working with IoT systems vendors. Earlier versions appeared in posts Institutional considerations for managing risk around IoT,  Developing an IoT vendor strategy, and Systems in the seam – shortcomings in IoT systems implementation. Ideally, this document could be used during the contract development and negotiation phases with the vendor.

The intent of the document is to help compute the Total Cost of Ownership for an IoT systems implementation as well as raise expectations of the vendor for a delivered system. In doing so, we can help mitigate some operational risk (suboptimal business decisions) as well as cybersecurity-related risk (bad guys wanting to use our assets in a malicious manner).

I’ve created rough categorizes of issues falling under operational risk, cybersecurity risk, and those falling in both categories to help provide some additional structure. However, many issues influence each other so it’s not critical to get tied up in the categorization.

IoTChecklistV2-032716

A starting point for an IoT systems vendor checklist

pdf version here

D-Link begins offering router patches

D-Link announces that they are actively working to address (patch) the vulnerabilities to admin access via the web.  The post also cautions against responding to unsolicited emails about security vulnerabilities that “prompt you to action” as they could be opportunistic phishing scams.  They also recommend disabling wireless access to the router.

Router patches so far are available at the bottom of this D-Link post.

Patches for a separate issue involving D-Link network camera vulnerabilities are available here.

Think it’s okay to keep running Windows XP?

From this Microsoft blog.

This was an eye opener to me.  I would have thought XP infection rates were in the ball park of Windows 7. And this is while XP is still supported!

While there is some obvious self-interest for Microsoft to promote migration from XP, my gut is that this is reasonable data.

What percentage of your computers are still running on XP?