**3. Risk prevention and management for the IoT systems**

The IoT risk sources can be classified into four categories, as displayed in the following table (**Table 1**).

IoT risks can be treated (mitigated) *via*:



**Table 1.** *IoT risk sources.* *Methods for Detection and Prevention of Vulnerabilities in the IoT (Internet of Things) Systems DOI: http://dx.doi.org/10.5772/intechopen.113898*


The best practices for IoT security are defined by the IEEE—the world's largest professional organization for technology advancement. In February 2017,—IEEE issued the document "Internet of Things (IoT) Security Best Practices" [12]. The document is divided into three areas, with recommendations for each area:

	- Make the hardware resistant to unauthorized use.
	- Provide regular firmware updates and upgrades.
	- Conduct dynamic testing.
	- Prescribe procedures for data protection on device disposal.
	- Use strong authentication.
	- Use strong encryption and security protocols [13].
	- Minimize device throughput.
	- Segment the network.
	- Protect sensitive data.
	- Promote and conduct ethical hacking.
	- Standardization of devices and certification of personnel and organizations.

The conclusion is that the mentioned recommendations and measures should be used by manufacturers who produce IoT devices, by programmers and engineers who come up with the design of devices and systems, by researchers and testers to evaluate IoT systems, and by legislators when creating security and other acts that cover the IoT area.
