Security recommendations for Kaspersky IoT Secure Gateway 1000
To ensure secure operation of Kaspersky IoT Secure Gateway 1000, it is recommended to restrict and control access to equipment on which the application is running.
Physical security of equipment
When deploying Kaspersky IoT Secure Gateway 1000 at a facility, you are advised to take the following measures to ensure secure operations:
Restrict access to the room containing the hardware that has the application installed, and restrict access to the equipment of the dedicated network. Access to the room must be granted only to trusted persons, such as personnel who are authorized to install and configure the application.
Employ technical resources or a security service to monitor physical access to equipment on which the application is running. Use security alarm equipment to monitor access to restricted rooms.
Conduct video surveillance in restricted rooms.
Information security
For use of application management tools, it is also recommended to take the following actions to ensure data security on the intranet:
Ensure protection of traffic within the intranet system.
Ensure that initial configuration of Kaspersky IoT Secure Gateway 1000 is performed only within the restricted perimeter.
Use digital certificates that were published by trusted certificate authorities. If certificates have been potentially compromised, it is recommended to update them.
Close the connection session with the Kaspersky IoT Secure Gateway 1000 web interface when the user is finished working in the web browser. To force termination of a connection session in the web browser, you need to use the Log out option in the user menu.