I have deployed around 50 IoT sensors in my factory for monitoring temperature and humidity. Recently read news about IoT devices getting hacked. What are the best practices to secure these devices? Currently they are connected to local wifi network and sending data to cloud.

Reply by: CyberSecurity_Expert
IoT security is very important and often neglected. Here are basic things you must do:

Change default passwords on all devices
Use separate VLAN for IoT devices, isolate from main network
Enable encryption for data transmission (TLS/SSL)
Keep firmware updated regularly
Disable unnecessary services and ports
Use VPN for remote access instead of exposing devices to internet

These are minimum requirements. For factory environment you should also implement network monitoring to detect unusual traffic patterns.

Reply by: NetworkAdmin_25yrs
Adding to above points - use certificate based authentication instead of just passwords if your devices support it. Also implement rate limiting on your IoT endpoints to prevent DDoS attacks. And please please please dont expose your devices directly to internet with port forwarding. I have seen so many IoT botnets because people do this.