Embedded, IoT, OT, and Physical Device Security
Key Takeaways
- Embedded, IoT, and OT devices often have long lifecycles, limited patching, weak defaults, and high availability requirements.
- Segmentation is a primary control because many devices cannot run normal endpoint agents.
- OT environments prioritize safety and availability, so security changes require careful testing and coordination.
- Physical security protects devices from theft, tampering, unauthorized ports, and console access.
- Asset inventory is essential because unmanaged devices cannot be patched, monitored, or retired correctly.
Embedded systems, IoT devices, and operational technology often do not look like traditional computers, but they still create security risk. Examples include cameras, badge readers, printers, medical devices, sensors, building controls, industrial controllers, and point-of-sale terminals.
Common Characteristics
| Characteristic | Security impact |
|---|---|
| Long lifecycle | Devices may outlive vendor support |
| Default credentials | Easy initial compromise if not changed |
| Limited compute | May not support EDR or full disk encryption |
| Proprietary protocols | Harder to monitor or test safely |
| High availability need | Patching may require maintenance windows |
| Physical exposure | Attackers may reach ports, buttons, or storage |
IoT and Embedded Controls
| Control | Purpose |
|---|---|
| Asset inventory | Know device type, owner, firmware, location, and support status |
| Change default credentials | Remove common initial access path |
| Network segmentation | Limit what the device can reach and who can reach it |
| Firmware updates | Fix known device vulnerabilities |
| Disable unused services | Reduce attack surface |
| Certificate-based authentication | Strengthen device identity where supported |
| Monitoring | Detect unusual traffic or behavior |
| Secure disposal | Remove credentials, keys, and stored data |
OT Security Considerations
OT includes systems that monitor or control physical processes. Examples include PLCs, SCADA components, manufacturing systems, and building automation.
| IT priority | OT priority |
|---|---|
| Confidentiality often leads | Safety and availability often lead |
| Frequent patching may be normal | Patching requires testing and outage planning |
| Standard endpoint agents are common | Agents may be unsupported or unsafe |
| Office network traffic patterns | Deterministic process traffic may be expected |
OT security work should involve operations engineers, safety owners, and change control. A well-intentioned vulnerability scan can disrupt fragile devices if it is not planned.
Physical Device Security
| Risk | Control |
|---|---|
| Stolen device | Locks, cages, asset tracking, secure mounting |
| Console port misuse | Port blockers, locked cabinets, disabled ports |
| Rogue USB device | USB control, endpoint policy, port locks |
| Tampering | Tamper-evident seals, cameras, inspections |
| Unauthorized facility access | Badges, guards, mantraps, visitor logs |
Practical Scenario
A warehouse uses network-connected cameras, badge readers, and environmental sensors. The secure operations plan should inventory every device, change default passwords, place devices on segmented VLANs, restrict management to an admin subnet, update firmware during planned windows, monitor traffic for unusual outbound connections, and physically secure devices in public areas.
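As an added illustration of the monitoring and inventory steps in this scenario (example code written for this page, not from any vendor or product), the script below checks constructed flow records against a segmentation policy for the camera and badge-reader VLANs, flags management-port access from outside the admin subnet, and lists devices whose vendor support has ended. All addresses, VLAN names, and ports are assumed values.

```python
import ipaddress

# Constructed warehouse inventory (assumed addresses and VLANs, not from any real site).
# Fields: name, ip, vlan, vendor support still active?
INVENTORY = [
    ("cam-01", "10.20.0.11", "iot-cameras", True),
    ("cam-02", "10.20.0.12", "iot-cameras", False),   # vendor support has ended
    ("badge-01", "10.21.0.5", "iot-badge", True),
]
# Segmentation policy: each IoT VLAN may only talk to its own back-end subnet.
ALLOWED_DST = {
    "iot-cameras": ipaddress.ip_network("10.50.0.0/24"),   # video recorder subnet
    "iot-badge": ipaddress.ip_network("10.51.0.0/24"),     # access-control server subnet
}
ADMIN_SUBNET = ipaddress.ip_network("10.99.0.0/24")  # only source allowed on management ports
MGMT_PORTS = {22, 23, 80, 443}
INTERNAL = ipaddress.ip_network("10.0.0.0/8")

def unsupported_devices(inventory=INVENTORY):
    """Lifecycle check: unsupported devices cannot be patched and need retirement or extra isolation."""
    return [name for name, _ip, _vlan, supported in inventory if not supported]

def check_flow(src, dst, dport, inventory=INVENTORY):
    """Return findings for one flow record (src IP, dst IP, dst port); an empty list means compliant."""
    by_ip = {ip: (name, vlan) for name, ip, vlan, _ in inventory}
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    findings = []
    if src in by_ip:
        name, vlan = by_ip[src]
        if dst_ip not in INTERNAL:
            findings.append(f"{name}: unexpected outbound connection to {dst}")
        elif dst_ip not in ALLOWED_DST[vlan]:
            findings.append(f"{name}: segmentation violation, reached {dst}")
    if dst in by_ip and dport in MGMT_PORTS and src_ip not in ADMIN_SUBNET:
        findings.append(f"{by_ip[dst][0]}: management port {dport} reached from non-admin host {src}")
    return findings

def review_flows(flows, inventory=INVENTORY):
    """Run every flow through check_flow and collect all findings."""
    return [f for flow in flows for f in check_flow(*flow, inventory=inventory)]

# Constructed sample flows: (src, dst, dport).
SAMPLE_FLOWS = [
    ("10.20.0.11", "10.50.0.10", 554),     # camera streams to the video recorder: allowed
    ("10.20.0.11", "10.30.0.25", 445),     # camera reaching a finance file server: violation
    ("10.20.0.12", "203.0.113.7", 443),    # camera calling out to the internet: unexpected
    ("10.99.0.8", "10.21.0.5", 443),       # admin subnet managing the badge reader: allowed
    ("10.30.0.25", "10.20.0.11", 80),      # finance host opening the camera web UI: not admin
]

if __name__ == "__main__":
    for line in review_flows(SAMPLE_FLOWS) + [f"{n}: vendor support ended" for n in unsupported_devices()]:
        print(line)
```

In practice the flow records would come from switch or firewall logs and the inventory from the asset register; the policy table is the same allow-list that the VLAN ACLs should enforce, so findings mean either an ACL gap or a misbehaving device.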
Common Exam Traps
| Trap | Better exam reasoning |
|---|---|
| "Install EDR on every IoT device." | Many IoT devices cannot run agents, so use segmentation and monitoring. |
| "Patch OT immediately without testing." | OT changes require safety-aware testing and scheduling. |
| "A camera is not a computer." | Networked devices can be attack paths. |
| "Physical access does not matter if the network is secure." | Physical access can expose ports, reset buttons, storage, or consoles. |
Quick Drill
Pick the best control:
- Stop cameras from reaching finance servers: segmentation.
- Prevent use of factory passwords: change defaults during onboarding.
- Protect a switch in a public hallway: locked enclosure.
- Avoid disrupting industrial controllers with scanning: coordinate testing and maintenance windows.
- Know which devices are unsupported: asset inventory with lifecycle status.
An IoT camera cannot run an endpoint agent. Which control most directly limits the damage if it is compromised?
Why should vulnerability scanning in an OT environment be coordinated carefully?
Which controls help protect physical devices from tampering? Choose two.