I was reading an interesting piece in CIO regarding things a CEO needs to know about securing the Internet of Things (IoT).
With the advent of things which may be networked in the home and business there are risks to take into account for each and every one of us.
Endpoints are subject to exploit on networks operated by the uninitiated, and IoT initiatives are starting to proliferate in businesses, with what is becoming "a new, massive and complex expansion of the security landscape".
Security Planning and Monitoring
Service providers are that direct link to allowing your devices to go rogue on you. My personal feeling toward the entire matter is to maintain any IoT infrastructure behind a firewall requiring encrypted, authenticated access.
Anything less is asking for trouble.
Cloud solutions should be redundant, with no one service providing the only access to any infrastructure. Service disruptions are a fact of life, and some are more likely than others. Exploit attempts happen 24/7 and range from trivial to devastating. This is why I maintain a router which detects exploit attempts and discards those packets after logging them.
Good Netizenship
The monitoring of traffic, network intrusion detection and prevention, and that oversight which enables you to thwart IoT exploits are not typically built into those IoT peripherals. Your management of these facets of network ops typically requires that those hooks are embedded in the security layer traffic must traverse to get to the IoT devices on your network.
So as you can see, a layered approach is most feasible in the never-ending pursuit of network security at the home or the office. While I manage these things with routing and firewall equipment expressly designed for these purposes, a person with adequate utilities can fit the bill quite nicely, and indeed nothing beats a close tab on the logs generated by the systems at your disposal for the presence of that exploit or virus payload trying to find its way into your network and devices.
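Keeping a close tab on the drop logs can be partly automated. The following is an added example, not code from the original post: it assumes the router writes netfilter-style LOG lines tagged `IOT-DROP: ` before discarding packets and that the IoT devices sit on 192.168.50.0/24. The prefix, subnet, threshold and sample lines are all constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption: IoT devices live on their own subnet behind the firewall.
IOT_NET = ipaddress.ip_network("192.168.50.0/24")
# Assumption: the firewall's log-then-drop rule tags its lines with this prefix.
LOG_PREFIX = "IOT-DROP: "
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

# Constructed sample lines in netfilter LOG style (documentation addresses only).
SAMPLE_LOG = """\
Mar  3 02:14:07 gw kernel: IOT-DROP: IN=eth0 OUT=br-iot SRC=203.0.113.45 DST=192.168.50.10 LEN=60 PROTO=TCP SPT=51812 DPT=23 SYN
Mar  3 02:14:08 gw kernel: IOT-DROP: IN=eth0 OUT=br-iot SRC=203.0.113.45 DST=192.168.50.10 LEN=60 PROTO=TCP SPT=51813 DPT=2323 SYN
Mar  3 02:14:09 gw kernel: IOT-DROP: IN=eth0 OUT=br-iot SRC=203.0.113.45 DST=192.168.50.11 LEN=60 PROTO=TCP SPT=51814 DPT=80 SYN
Mar  3 02:20:41 gw kernel: IOT-DROP: IN=eth0 OUT=br-iot SRC=198.51.100.7 DST=192.168.50.12 LEN=60 PROTO=TCP SPT=40100 DPT=443 SYN
Mar  3 02:21:00 gw kernel: ACCEPT: IN=eth0 OUT=br-iot SRC=198.51.100.9 DST=192.168.50.12 LEN=60 PROTO=TCP SPT=40101 DPT=443 SYN
Mar  3 02:22:13 gw kernel: IOT-DROP: IN=eth0 OUT=eth1 SRC=203.0.113.45 DST=192.168.1.5 LEN=60 PROTO=TCP SPT=51820 DPT=22 SYN
Mar  3 02:23:00 gw kernel: IOT-DROP: truncated line with no fields
"""

def parse_drop(line):
    """Return (src, dst, proto, dport) for a tagged drop aimed at the IoT subnet, else None."""
    if LOG_PREFIX not in line:
        return None
    f = dict(FIELD_RE.findall(line))
    try:
        src = ipaddress.ip_address(f["SRC"])
        dst = ipaddress.ip_address(f["DST"])
    except (KeyError, ValueError):
        return None  # malformed or truncated line
    if dst not in IOT_NET:
        return None
    dport = int(f["DPT"]) if f.get("DPT", "").isdigit() else None  # e.g. ICMP has no DPT
    return str(src), str(dst), f.get("PROTO", "?"), dport

def summarize(log_text, min_targets=3):
    """Group drops by source; flag sources that probed >= min_targets distinct (device, port) pairs."""
    per_src = defaultdict(lambda: {"drops": 0, "targets": set()})
    for src, dst, _proto, dport in filter(None, map(parse_drop, log_text.splitlines())):
        per_src[src]["drops"] += 1
        per_src[src]["targets"].add((dst, dport))
    return {s: {"drops": v["drops"], "targets": sorted(v["targets"], key=str),
                "flagged": len(v["targets"]) >= min_targets} for s, v in per_src.items()}

if __name__ == "__main__":
    for src, info in summarize(SAMPLE_LOG).items():
        print(src, info["drops"], "drops", "FLAG" if info["flagged"] else "-", info["targets"])
```

A source that is dropped against several device and port combinations is the kind of entry worth a closer look in the router's own logs; a single stray drop usually is not.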